Google Cloud has announced AI Protection, a comprehensive solution to protect risk to, and threats within, the use of generative AI.
Google Cloud’s AI Protection is designed to “to help teams comprehensively manage AI risk”. It has three core capabilities: discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities.
AI Protection integrates with Google’s Security Command Center (SCC) to provide teams with a centralized view of their IT posture and manage AI risks in the context of other cloud risks.
Discovering AI inventory. The old CISO adage of ‘you cannot secure what you cannot see’ is writ large in the AI era. But, writes Archana Ramamoorthy Senior Director, product management at Google Cloud Security in a blog on AI Protection, “Our capabilities help you automatically discover and catalog AI assets, including the use of models, applications, and data — and their relationships.”
Coupled with this, Google Cloud’s Sensitive Data Protection now extends its automated discovery to Vertex AI datasets. Vertex is Google Cloud’s gen-AI development platform that includes more than 150 foundation models including Gemini 1.5 Pro and Gemini 1.5 Flash.
When you know what you have and where it is, the integration with SCC comes in – virtual red teaming can be invoked to recognize ‘toxic combinations’ and possible attack paths, and to provide remediation recommendations.
Securing AI assets. AI Protection’s Model Armor is a key component in securing the LLMs and their use. It detects and prevents prompt injection and jailbreak attempts. It inspects prompts and sanitizes them before passing to the LLM. It inspects responses and sanitizes them before passing to the user. It uses RBAC to manage access and permissions; it filters for indecent or harassing content and malicious URLs; and it provides data loss prevention through Google Cloud’s Sensitive Data Protection preventing the leakage of both IP and PII.
Managing AI threats. AI Protection calls upon the combined intelligence and research available from both Google and Mandiant. “Detectors in Security Command Center can be used to uncover initial access attempts, privilege escalation, and persistence attempts for AI workloads,” writes Ramamoorthy.
Overall, AI protection offers a suite of capabilities to defend against the new risks directly associated with the growing use of AI models. But in many senses, it is more than just a new product – it’s an expansion of the Google Cloud AI security platform, and its integration with other Google Cloud offerings provides a wider solution to AI security issues. Integration with SCC ensures that AI security can be viewed in the context of all network threats, and doesn’t become a separate siloed requirement.
Integration with Sensitive Data protection can help with regulatory compliance. This can be enhanced by Google Cloud’s Assured Workloads which can control the geographic region in which data at rest is located — essential for heavily regulated industries and European regulations. Integration with Confidential Computing protects data at rest and in transit, and “can help ensure data remains protected throughout the entire processing pipeline, reducing the risk of unauthorized access, even by privileged users or malicious actors within the system,” writes Ramamoorthy.
So, while AI Protection is a major new AI security product, it is best viewed as a key component in an umbrella AI protection. This is important. A Darktrace survey (PDF) of 1,500 security professionals working with AI, released on March 4, 2025, notes, “CISOs have expressed a preference for broader platforms over point products (89%)”
AI Protection on Google Cloud provides a broad AI security platform. “Piecemeal solutions can leave and have left critical vulnerabilities exposed, rendering organizations susceptible to threats like adversarial attacks or data poisoning, and added to the overwhelm experienced by security teams,” adds Grace Trinidad, research director, IDC. “Google Cloud simplifies and thus improves the experience of securing AI for customers.”
Related: AIceberg Gets $10 Million in Seed Funding for AI Security Platform
Related: Pangea Launches AI Guard and Prompt Guard to Combat Gen-AI Security Risks
Related: Singulr Launches With $10M in Funding for AI Security and Governance Platform
Related: Cyber Insights 2025: Artificial Intelligence
About The Author
Original post here
