
Google Cloud Chief Information Security Officer on Risk Mitigation

Apr 03, 2025 | 9 min

Episode description

Google Cloud Chief Information Security Officer Phil Venables discusses cybersecurity considerations for open-source large language models and risk mitigation. He speaks with Bloomberg's Carol Massar and Tim Stenovec. 


Transcript

Speaker 1

Bloomberg Audio Studios, podcasts, radio news. You're listening to Bloomberg Businessweek Daily with Carol Massar and Tim Stenovec on Bloomberg Radio.

Speaker 2

Hey listen, just fresh off his panel, they talked about AI and security, is Philip Venables. He's chief information security officer at Google Cloud, joining us here in studio.

Speaker 3

How are you all good.

Speaker 4

It's a good day to be here, great place, a great event.

Speaker 3

It is a great event.

Speaker 2

Listen, our BI team, they just kind of dig into really the specifics of stuff.

Speaker 3

I want to just first start.

Speaker 2

We asked this from our other guest from the Bloomberg AI event, and that is when you think about the global macro. Here we are in a day where we are obviously taking cues actually most days out of news from Washington, and whether today it's on tariffs, what of tariffs or the global macro think is really top of mind for you in what you do on a daily basis.

Speaker 4

So I'm not really kind of involved in the side to really kind of talk about tariffs, but we know when you look at the kind of the global geopolitical situation, one of the things we see all of our customers around the world, they're looking to us for help on defending their cyber security, whether it's from criminals or nation states.

And again they look in any conflict, now, all conflict has a cyber security dimension, and so they're looking to us as a leading security provider, whether it's on our own platform or with our tools to help them.

Speaker 2

Does it pick up because of the tensions that we're seeing right now between the US and formerly or still its allies, like, are you seeing any kind of uptick?

Speaker 4

Not at this stage either. I mean, and that's not necessarily a good news story because there's a constant backdrop of cyber attacks all around the world that many companies defend against, and so do we, and we help all these companies defend themselves.

Speaker 5

But have you seen a change in perhaps nation states such as Russia making attacks or trying to find vulnerabilities in your system just in the last couple of months, as we've seen a change in policy Russia from the not any distinct new level.

Speaker 4

But again there's a constant background level of attack you do see, in particular see Russia targeting the supply chains of organizations helping the Ukraine war effort. Interesting but that's generally kind of all companies involved in that. We defend our platform every day against the myriad of attacks.

Speaker 5

Would you say that there are certain geographies that produce more of these attackers? Like where geographically are you defending?

Speaker 4

I mean, I think organized criminals are all around the world. There's various concentrations. The big four nations we look at all the time as source of attacks: Russia, China, North Korea, Iran. But cyber offense is a global phenomenon, not just.

Speaker 5

Those. Who's the most sophisticated?

Speaker 4

I think, you know, you look at China's attacks recently and some of the well publicized events, the so-called Volt Typhoon and Salt Typhoon events that have originated in China. I mean, I think a lot of these nations are quite sophisticated. I think China has been the more aggressive and assertive in recent times. Russia has got a history. But they're all still maintaining their offense.

Speaker 2

All right, so what does Wiz bring you? I got to say, when this deal crossed the Bloomberg term, of course, you guys, thirty two billion dollar acquisition. Wiz, a startup, biggest cybersecurity focused

Speaker 3

Deal in history. Why do this deal? What does it bring you guys?

Speaker 4

Well, so it's all about multi cloud. So one of the things we encounter in our support for our customers is most of our customers are running on multiple clouds. They have on premise environments, they have multiple SaaS companies, and the big important thing is how do they maintain a layer of security consistently across all of that. Wiz has grown a tremendous product and business to do that.

We already have been focused on multi cloud security, multi cloud operations, multi cloud tooling, and so it's a natural affinity for us. How do we support customers where they are in multiple clouds? That's the big impetus.

Speaker 3

Is AI going to complicate all of this, language models?

Speaker 2

And it just feels like the buildout continues, Phil, and whether it's on premise or not.

Speaker 4

I mean, we think AI actually gives defenders a more structure, structurally gives defenders an advantage versus attackers. Right now, attackers are using AI, they're using it for misinformation, disinformation, frauds, many things. But from a defensive purpose, AI empowers defenders because we have the data, we have the context. We have the ability to use it unique to our organization, and our customers are finding that, and so there's a structural advantage in how defenders use AI. Now, of course they've got to take advantage of that advantage obviously, but generally speaking, we're seeing more advances in the defensive use of AI than we're currently seeing on offensive use of AI. But the attackers are going to make use of AI in the future as well.

Speaker 5

Can you characterize how many steps in general you are ahead of the most advanced attackers?

Speaker 4

It's hard to do a kind of comparison like that because you always have to look at specific attacks. But the thing, main thing we're focused on with our threat intelligence capability, our defensive capability is just constantly, relentlessly upgrading our infrastructure and then providing that security upgrade to our customers through our platform and products.

Speaker 5

How quickly are things moving right now, especially on the AI front? I speak to some folks in the AI world who say we're making leaps and bounds within twelve week periods at this point. The pace of innovation is unbelievable.

Speaker 4

Oh yeah, I mean, I think the pace of innovation is increasing, whether it's on model development, whether it's on the platforms that run the models, that contain the tooling to let people get the best out of the models, all the way up through what we're seeing now in a revolution of how we're deploying AI agents to orchestrate business processes and ultimately parts of our lives. And we're all working very hard to look at how do we make sure the agent environment is secured in the same way that we would expect.

Speaker 2

How fast is all of this happening, the changes, the challenges, like we keep up, DeepSeek and how that was, you know, earlier this year kind of a rethink all of a sudden. And I'm just curious how you guys are seeing it, because you're dealing with it day in and day out. We obviously get the headlines, we get the announcements from the different companies and try to keep up and watch what investors are doing.

Speaker 3

But I'm just curious.

Speaker 4

So we're seeing it in terms, I mean, we're one of the few companies that has the whole stack of AI, from the models to the hardware, to the software, to the platform infrastructure, and so we see in every part of what we do, constant innovation and meeting customer expectations and future customer demand. We also see it because we host many other models on our platform. A big part of the value is the platform we bring where customers can choose not just our models, but other models as well.

Speaker 2

So what's right in the narrative that's being talked, certainly in the investment world, what's maybe wrong?

Speaker 4

I don't think and not really seeing anything that's wrong. I think mainly people are looking across the environment and seeing how can we make best use of this technology to fit our particular business need. And we're seeing more and more enterprises, with our help, getting more sophisticated about how quickly they can not just tap into the innovation but make that innovation productive in their business.

Speaker 5

You mentioned the agentic side of things, and I want to talk there a little bit as far as defense and offense go. Something that I could imagine concerning people in your position would be the information that agents have and the information that agents are given. How do you ensure that what agents are doing, whether from a consumer perspective it's booking a vacation or booking flights, which you can do, you know, with ChatGPT's two hundred dollars a month plan, how do you make sure that the information that they have stays safe, stays secure and it really isn't used for bad stuff?

Speaker 4

Well, so it all comes down to who's building those agents, And this is why I think it's important in this environment to.

Speaker 3

Be well, the way it's going, everybody's going to be able to know that's right.

Speaker 4

And so ultimately you're going to have like the tools we provide people help people build agents that have privacy properties, are controlled, are secured. But ultimately we're all going to be responsible for making sure we look at the, you know, the agents we choose to use should have a degree of trust from the companies we get them from. Now, we and many other companies are working on multiple different standards and frameworks to equip everybody through the platforms with the ability to run agents securely. But there's a lot of work still to be done on how you would delegate your privilege to an agent to act on your behalf, and everybody's working on it.

Speaker 2

Yeah, the autonomous right I mean in terms of agents and like being able to kind of keep going and make decisions and stuff like that.

Speaker 4

True, well, and make decisions under the constraints you give it.

Speaker 3

Right, the pull in stuff that you don't necessarily want them to do right.

Speaker 4

And how a company constructs an agent to act on your behalf and give you the transparency and feedback about what you wanted to do is going to be a key differentiator for companies that build these things.

Speaker 5

Hey, thirty seconds before we let you go, I always like to ask people in your position for one tip on how we can stay safe in this new cyber world.

Speaker 4

So use talking about gain here. Use the platforms and the security defaults we built into the platforms. So we spend a lot of time thinking about how we ship product, how we ship platforms. We make the defaults as strong as we can to protect people who come onto the platform. Use the defaults, use the secure by design that we provide and that people go along with.

Speaker 3

All right, great stuff. Thank you, awesome, so appreciate it.

Speaker 2

Phil Venables, Chief Information Security Officer, Google Cloud, joining us here in studio.

Transcript source: Provided by creator in RSS feed