Cloud Security Podcast by Google

Guest:
Vishwas Manral, CEO at Precize.ai
Topic:
Why is agent security so different from "just" LLM security?
Why now? Agents are coming, sure, but they are - to put it mildly - not in wide use. Why create a top 10 list now and not wait for people to make the mistakes?
It sounds like "agents + IAM" is a disaster waiting to happen. What should be our approach for solving this? Do we have one?
Which one agentic AI risk keeps you up at night? 
Is there an interesting AI shared responsibility angle here? Agent developer, operator, downstream system operator?
We are having a lot of experimentation, but sometimes little value from Agents. What are the biggest challenges of secure agentic AI and AI agents adoption in enterprises?
Resources:
Top 10 threats and mitigation for AI Agents
Past podcast AI episodes
Cloud CISO Perspectives: How Google secures AI Agents (and paper)
Top AI Risks from SAIF
CoSAI
From turnkey to custom: Tailor your AI risk governance to help build confidence

Guest:
Elie Burstein,  Distinguished Scientist, Google Deepmind
Topics: 
What is Sec-Gemini, why are we building it?
How does DeepMind decide when to create something like Sec-Gemini? 
What motivates a decision to focus on something like this vs anything else we might build as a dedicated set of regular Gemini capabilities? 
What is Sec-Gemini good at? How do we know it's good at those things? 
Where and how is it better than a general LLM?
Are we using Sec-Gemini internally?
 Resources:
Video version
EP238 Google Lessons for Using AI Agents for Securing Our Enterprise
EP255 Separating Hype from Hazard: The Truth About Autonomous AI Hacking
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
EP171 GenAI in the Wrong Hands: Unmasking the Threat of Malicious AI and Defending Against the Dark Side
Big Sleep, CodeMender blogs

Guest:
Royal Hansen, VP of Engineering at Google, former CISO of Alphabet
Topics:
The "God-Like Designer" Fallacy: You've argued that we need to move away from the "God-like designer" model of security—where we pre-calculate every risk like building a bridge—and towards a biological model. Can you explain why that old engineering mindset is becoming risky in today's cloud and AI environments?
Resilience vs. Robustness: In your view, what is the practical difference between a robust system (like a fortress that eventually breaks) and a resilient system (like an immune system)? How does a CISO start shifting their team's focus from creating the former to nurturing the latter?
Securing the Unknown: We're entering an era where AI agents will call other agents, creating pathways we never explicitly designed. If we can't predict these interactions, how can we possibly secure them? What does "emergent security" look like in practice?
Primitives for Agents: You mentioned the need for new "biological primitives" for these agents—things like time-bound access or inherent throttling. Are these just new names for old concepts like Zero Trust, or is there something different about how we need to apply them to AI?
The Compliance Friction: There's a massive tension between this dynamic, probabilistic reality and the static, checklist-based world of many compliance regimes. How do you, as a leader, bridge that gap? How do you convince an auditor or a board that a "probabilistic" approach doesn't just mean "we don't know for sure"?
 "Safe" Failures: How can organizations get comfortable with the idea of designing for allowable failure in their subsystems, rather than striving for 100% uptime and security everywhere?
Resources:
Video version
EP189 How Google Does Security Programs at Scale: CISO Insights
BigSleep and CodeMender agents
"Chasing the Rabbit" book  
"How Life Works: A User's Guide to the New Biology" book

Guest:
Chris Sistrunk, Technical Leader, OT Consulting, Mandiant
Topics:
When we hear "attacks on Operational Technology (OT)" some think of Stuxnet targeting PLCs or even backdoored pipeline control software plot in the 1980s. Is this space always so spectacular or are there less "kaboom" style attacks we are more concerned about in practice?
Given the old "air-gapped" mindset of many OT environments, what are the most common security gaps or blind spots you see when organizations start to integrate cloud services for things like data analytics or remote monitoring?
How is the shift to cloud connectivity - for things like data analytics, centralized management, and remote access -  changing the security posture of these systems? What's a real-world example of a positive security outcome you've seen as a direct result of this cloud adoption?
How do the Tactics, Techniques, and Procedures outlined in the MITRE ATT&CK for ICS framework change or evolve when attackers can leverage cloud-based reconnaissance and command-and-control infrastructure to target OT networks? Can you provide an example?
OT environments are generating vast amounts of operational data. What is interesting for OT Detection and Response (D&R)?
Resources:
Video version
Cybersecurity Forecast 2026 report by Google
Complex, hybrid manufacturing needs strong security. Here's how CISOs can get it done blog
"Security Guidance for Cloud-Enabled Hybrid Operational Technology Networks" paper by Google Cloud Office of the CISO
DEF CON 23 - Chris Sistrunk - NSM 101 for ICS 
MITRE ATT&CK for ICS

Guest:
Bruce Schneier
Topics:
Do you believe that AI is going to end up being a net improvement for defenders or attackers?  Is short term vs long term different?
We're excited about the new book you have coming out with your co-author Nathan Sanders "Rewiring Democracy".  We want to ask the same question, but for society: do you think AI is going to end up helping the forces of liberal democracy, or the forces of corruption, illiberalism, and authoritarianism? 
If exploitation is always cheaper than patching (and attackers don't follow as many rules and procedures), do we have a chance here? 
If this requires pervasive and fast "humanless" automatic patching (kinda like what Chrome does for years), will this ever work for most organizations?
Do defenders have to do the same and just discover and fix issues faster? Or can we use AI somehow differently?
Does this make defense in depth more important?
How do you see AI as changing how society develops and maintains trust? 
Resources:
"Rewiring Democracy" book
"Informacracy Trilogy" book
Agentic AI's OODA Loop Problem
EP255 Separating Hype from Hazard: The Truth About Autonomous AI Hacking
AI and Trust
AI and Data Integrity
EP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025
RSA 2025: AI's Promise vs. Security's Past — A Reality Check