Google Cloud rolls out automatic basic AI and cloud security by default

Google Cloud announced a strategic move in cybersecurity, automatically activating core protection features for artificial intelligence and cloud infrastructure. These critical security tools will now be available by default to all eligible customers using the Security Command Center Standard tier (SCC Standard). This innovation aims to significantly simplify the security process, especially for the growing number of developers and innovators working with AI technologies. Activating SCC Standard requires no additional action from users, making basic protection more accessible and universal.

The updated SCC Standard provides developers with a unified dashboard for comprehensive AI protection. This dashboard can detect unprotected inference of Gemini models, as well as violations of restrictions and policies set for large language models (LLM). By the end of June this year, Google Cloud plans to make four foundational AI health controls generally available, enabling organizations to effectively manage the security of their AI systems and minimize potential risks. These tools are integrated directly into the platform, providing a proactive approach to detecting and mitigating AI-specific vulnerabilities.

The rapid advancement of artificial intelligence technologies creates unprecedented security challenges for organizations of all sizes. Google Cloud aims to integrate AI protection directly into its cloud defense strategy by providing built-in controls by default. This approach not only democratizes access to critical AI and cloud security features but also sets a new industry standard. In addition to specialized AI features, SCC Standard also includes 44 configuration checks based on Google Cloud Security Essentials (GCSE) best practices, agent-based vulnerability scanning, and detailed risk insights covering the client's entire cloud environment.

Extensive changes also encompass Data Security Posture Management (DSPM) for key services such as Vertex AI, BigQuery, and Cloud Storage, ensuring the protection of sensitive information throughout its lifecycle. Furthermore, the updated Compliance Manager now offers automated monitoring and reporting in accordance with the GCSE framework, significantly simplifying regulatory compliance. For cloud environment administrators, new contextual security data has been introduced in the Cloud Hub dashboard (available in preview).