The rapid embrace of generative AI and autonomous agents has created a fundamental security challenge: while 73% of organizations expect AI agents to increase competitive advantage according to this PwC survey, the technology can introduce novel risks that traditional security tools cannot address by themselves. Based on the same survey, cybersecurity is now the number one concern for organizations deploying these agents.
We believe that defending this dynamic environment requires security that is integrated, automated, and built natively into the cloud platform. Security Command Center (SCC) is engineered to provide the best protection for both traditional and AI workloads in Google Cloud, using proprietary detectors and the same technology Google uses internally to protect itself.
SCC is available in 3 service tiers - Standard, Premium and Enterprise. Until now, advanced AI Protection features in SCC such as the AI Security Dashboard, Data Security Posture Management (DSPM), Compliance Manager, and Security Graph were only available to customers that sign long-term subscription commitments. We are now offering expanded purchasing flexibility for these advanced features by making them available to our SCC Premium pay-as-you-go (PayGo) customers.
AI security dashboard: The control center for securing AI workloads
Traditional security solutions are not designed to handle the unique risks and novel threat landscape posed on AI workloads and data. The AI Security dashboard feature, available for preview access in Security Command Center Premium, provides visibility and insights to help secure the end-to-end AI lifecycle in Google Cloud, with the ability to:
- Discover AI Assets: Gain essential visibility and understanding of your AI environment and associated risks. This includes asset inventory and lineage visualization across agents, models, data, and supporting infrastructure, including inventory of agents built on Vertex AI Agent Builder and running on Agent Engine.
- Secure AI Assets: Safeguard AI assets by detecting sensitive data to help prevent AI data loss and sensitive data exposure. AI-specific data posture controls for environments like BigQuery and Cloud Storage provides governance for both training and inference data. Software vulnerabilities on your AI infrastructure are prioritized and SCC also addresses AI compliance and governance with posture controls and drift detection with a dedicated AI Protection Framework.
- Manage AI Threats: Detect, investigate, and respond to threats targeting your AI workloads. This includes threats against Vertex AI applications for anomalous activities such as suspicious access or data exfiltration.
Protecting AI’s Fuel with Data Security Posture Management (DSPM)
Data is core to AI workloads, yet organizations face escalating risks of data breaches and sensitive data exposure. Data Security Posture Management is generally available with SCC PayGo. It provides end-to-end governance for data security, privacy, and compliance across your Google Cloud environment. Customers can discover, assess, and protect their data, while simplifying compliance for their data estate including critical data on BigQuery, Cloud Storage (GCS), and Vertex AI. New DSPM capabilities include the ability to apply application-centric controls and frameworks directly on their application to secure data where it lives and interacts, and support for IL5 compliance standard for U.S. Public Sector DoD workloads.
Addressing AI governance and compliance with Compliance Manager
New AI regulations and risks are introducing even more compliance requirements, making automation to reduce resource-intensive compliance checks and audits more critical. Compliance Manager is generally available to SCC Paygo customers and dramatically simplifies the compliance journey by enabling the configuration, monitoring, and auditing of security, privacy, and compliance controls across infrastructure, workloads, and data layers. Compliance Manager includes a comprehensive library of over 370+ controls and more than 10 frameworks, including built-in frameworks for AI Protection and DSPM as well as industry standards such as NIST and CIS. Compliance Manager also drives efficiency across applications, GRC, and security teams with the ability to enforce compliance at the application level using our application-centric controls and frameworks.
Uncovering complex risk with Security Graph
Security risks are often interconnected, forming "toxic combinations" that attackers exploit. SCC PayGo customers gain preview access to advanced Security Graph features including Graph Search for ad-hoc exploration and deep investigation to efficiently pinpoint specific cloud risks and relationships, and Correlated Threats to reduce alert noise by filtering thousands of isolated findings down to a small number of high-confidence attack stories to investigate.
Start protecting your AI workloads now
Protect your AI workloads and data, uncover novel risks and threats, and meet compliance requirements with Google Security Command Center. To experience the full capability of SCC Premium, start a 30-day free trial and continue using it after 30 days with pay-as-you-go.