
Google Cloud Next 25: Security and AI Recap


Las Vegas buzzed with the energy of Google Cloud Next ‘25, and while Artificial Intelligence undoubtedly stole many headlines, the savvy CISO knows that true digital transformation rests on a bedrock of robust infrastructure and impenetrable security.

Beneath the dazzling AI spotlight, Google unveiled significant advancements sharpening its cybersecurity posture and enhancing the very fabric of its cloud network. Forget the hype for a moment; these are the critical infrastructure and cyber announcements from Cloud Next ‘25 that demand your attention, shaping the future of secure and connected cloud operations.

AI and Multi-Agent Systems: The Intelligence Engine Gets Upgrades

While infrastructure and security form the foundation, Google Cloud Next ‘25 undeniably pulsed with advancements in Artificial Intelligence, particularly focusing on more capable models and the burgeoning field of autonomous, collaborative AI agents. Google is clearly betting on a future where AI is not just a tool, but an active participant in workflows, requiring powerful models and sophisticated systems to manage them. Let’s unpack the key announcements in this rapidly evolving space. For a broader comparison of cloud provider security, see AWS vs Azure vs Google Cloud Security.

Foundation Models: Powering the Next Wave

The core intelligence driving AI applications saw significant upgrades and additions, building on Google DeepMind’s research:

  • Gemini 2.5 Pro: Engineered for peak quality and tackling complex reasoning/coding tasks, this flagship model entered public preview on Vertex AI, AI Studio, and the Gemini app, already claiming top spots on leaderboards like the Chatbot Arena.
  • Gemini 2.5 Flash: Optimized for low latency and cost-efficiency, this speed-focused model is marked as “coming soon” to Vertex AI and AI Studio, promising rapid responses.
  • Imagen 3: Google’s premier text-to-image model received updates enhancing image generation quality and adding improved inpainting capabilities to reconstruct missing or damaged image sections.
  • Chirp 3: The audio generation and understanding model introduced “Instant Custom Voice,” enabling the creation of custom voices from just 10 seconds of audio input, alongside improved multi-speaker transcription.
  • Lyria: Positioned as the industry’s first enterprise-ready text-to-music model, Lyria can transform text prompts into 30-second music clips.
  • Veo 2: The advanced video generation model gained new editing features (inpainting, outpainting, interpolation) and camera controls for more precise video refinement.
  • Open Models via Ai2 Partnership: Google Cloud partnered with Ai2 to bring its open model portfolio to the Vertex AI Model Garden, broadening the choice available on the platform.

These models are coupled with enterprise features like SynthID watermarking and copyright indemnity, crucial for business adoption.

Vertex AI Enhancements: Tuning, Deploying, and Managing Models

Serving as Google Cloud’s unified AI platform, Vertex AI received substantial updates to streamline the MLOps lifecycle:

  • Vertex AI Dashboards: New dashboards provide enhanced visibility and control for monitoring model usage, throughput, latency, and troubleshooting errors.
  • Model Customization and Tuning: Expanded capabilities allow secure custom training and tuning using proprietary data on top of both Google’s first-party models (Gemini, Imagen, etc.) and open models (Gemma, Llama, Mistral).
  • Vertex AI Model Optimizer: This tool automatically generates the highest quality response for a given prompt based on a desired balance of quality and cost, optimizing inference efficiency.
  • Live API: A new API enables streaming audio and video directly into Gemini models, allowing agents to process and respond to rich media in real-time.
  • Vertex AI Global Endpoint: Provides capacity-aware routing for Gemini models across multiple regions, ensuring application responsiveness even during traffic peaks or regional fluctuations.

Building the Future: Multi-Agent Ecosystems Take Flight

Google made significant strides towards enabling sophisticated systems where multiple AI agents collaborate:

  • Agent Development Kit (ADK): An open-source framework designed to simplify building complex multi-agent systems while retaining precise control. It supports the Model Context Protocol (MCP) for unified interaction with data sources and tools. (See also: MCP Security Part 1)
  • Agent2Agent (A2A) Protocol: Heralded as a first-of-its-kind open standard, developed with over 50 partners (including Accenture, Salesforce, SAP, ServiceNow), A2A enables AI agents built by different vendors or on different frameworks to securely communicate, exchange information, and coordinate actions.
  • Agent Garden: Accessible via the ADK, this collection offers ready-to-use, pre-built agent patterns, components, and working examples to accelerate development.
  • Agent Engine: A fully managed runtime within Vertex AI for deploying custom agents to production with built-in testing, release management, and global reliability.
  • Grounding with Google Maps: Agents requiring geospatial context can now be grounded with Google Maps (initially for U.S. locations), enabling responses tied to real-world places.
  • Customer Engagement Suite: The latest version features more human-like voices, emotional understanding for adaptive conversations, and streaming video support, allowing AI agents to interpret and respond to visual input in real time.

Empowering Employees: Agentspace Evolves

Google Agentspace, designed to bring enterprise search and AI agents to every employee, received key updates:

  • Integrated with Chrome Enterprise: Agentspace functionality is brought directly into the Chrome browser, allowing employees to securely find information and resources within their existing workflows.
  • Agent Gallery: Provides a unified view of available agents across the enterprise – whether from Google, internal teams, or partners – simplifying discovery and usage.
  • Agent Designer: A no-code interface empowers employees to create custom agents for automating routine tasks or augmenting knowledge without needing programming skills.

These collective AI and agent advancements signal Google Cloud’s push towards a more integrated, intelligent, and automated future for enterprises.

Google Unified Security

Complexity is the enemy of security, a truth keenly felt by CISOs grappling with fragmented toolsets against an ever-expanding attack surface. Google threw down the gauntlet at Next ‘25, unveiling Google Unified Security, its ambitious new platform designed to break down these silos. This isn’t just another product; it’s a strategic convergence aiming to weave a single, intelligent security data fabric across the entire organization. Imagine gaining complete visibility across networks, cloud, applications, and endpoints, all enriched by cutting-edge threat intelligence and AI.

The Five Pillars of Unified Security

This converged solution intelligently integrates five core components, creating a cohesive defense ecosystem:

  • Security Operations: Streamlining detection, investigation, and response.
  • Cloud Security: Protecting workloads and data natively within Google Cloud.
  • Threat Intelligence: Leveraging Google’s vast visibility and Mandiant’s frontline expertise.
  • Secure Browsing: Hardening the endpoint via Chrome Enterprise.
  • Mandiant Expertise: Access to world-class incident response and consulting.

This unified approach promises not just better visibility but context-rich data, enabling security teams to react faster and more effectively than ever before.

Gemini-Powered Agents: AI Joins the Security Frontline

Making the Unified Security vision truly potent is the infusion of Google’s powerful Gemini AI models. Two groundbreaking Gemini-driven security agents were announced (previewing Q2 2025), set to transform security operations:

  • Alert Triage Agent: Integrated with Google Security Operations, this agent autonomously investigates alerts, analyzes context, gathers evidence, and delivers verdicts, freeing up human analysts for critical threats.
  • Malware Analysis Agent: Embedded within Google Threat Intelligence, it dissects potentially malicious code, executes deobfuscation scripts, and provides detailed summaries, accelerating malware analysis workflows.

This is AI not just assisting security, but actively participating in the defense lifecycle.

Sharpening the Security Command Center

Google’s Security Command Center (SCC) also received crucial upgrades:

  • Model Armor: Directly integrated with Vertex AI, applying specific security controls to AI requests and responses, protecting AI workloads themselves.
  • Data Security Posture Management (DSPM): A new tool (previewing in June) to discover, classify, and protect sensitive data, establish controls, monitor for violations, and ensure compliance.
  • Compliance Manager: A new offering (previewing end of June) providing a comprehensive view of an organization’s compliance status.

These additions make SCC an even more central hub for managing cloud risk.

Mandiant & Chrome Enterprise Bolstered

The integration story continues with key service updates:

  • Mandiant Threat Defense for Google Security Operations is now Generally Available (GA), embedding Mandiant expertise directly into SecOps workflows for AI-assisted threat hunting, investigation, and SOAR capabilities.
  • Chrome Enterprise gains enhanced phishing protection, using Google Safe Browsing data to shield employees from lookalike sites and credential theft attempts, even on internal domains. Data masking in Chrome Enterprise Premium (now GA) and expanded protections for Android devices further harden the browser endpoint.
  • The Mandiant Retainer now offers more flexibility, allowing customers to redeem prepaid funds for proactive services, boosting resilience. Partnerships with Rubrik and Cohesity aim to streamline post-cyberattack recovery.

Fortifying the Foundation: Confidential Computing Leaps Forward

Protecting data at rest and in transit is standard; protecting it while in use in memory is the next frontier, especially crucial for sensitive AI workloads. Confidential Computing provides this hardware-based protection using trusted execution environments (TEEs). Google significantly expanded its confidential capabilities:

  • Confidential GKE Nodes Boost: Google Kubernetes Engine (GKE) confidential nodes will gain support for the latest TEE technologies from AMD (SEV-SNP) and Intel (TDX) in Q2. This brings cutting-edge memory protection to containerized workloads.
  • Confidential Computing for GPUs: Support arrives for Confidential Computing on GPU instances (via the A3 series based on NVIDIA H100 accelerators). This groundbreaking move allows organizations to combine high-performance AI/ML computation with enhanced data security during processing, keeping data encrypted even between the CPU and GPU.

This isn’t just about locking down traditional data; it’s about securing the future of AI processing itself.

Unleashing the Network: Cloud WAN Connects at Google Speed

Google’s planet-spanning private network – connecting 42 regions with over 2 million kilometers of cable – has long been a key differentiator. Now, this high-speed, low-latency backbone is directly available to enterprises via the new Cloud Wide Area Network (Cloud WAN). Forget unpredictable internet routing; Cloud WAN promises:

  • Enhanced Performance & Reduced Costs: Google claims up to 40% network performance improvement and up to 40% operational cost reduction compared to self-managed internet connectivity solutions by optimizing traffic routing across its private network.
  • Simplified Global Connectivity: Easily connect geographically dispersed data centers, branch offices, and campus environments with a fully managed, reliable, and secure enterprise backbone.
  • Seamless Integration: The new Cross-Site Interconnect (preview) provides Layer 2 connectivity between data centers via dedicated 10G or 100G links. Cloud WAN also integrates with Premium Tier networking (minimizing public internet hops) and security solutions from partners like Palo Alto Networks and Menlo Security, plus compatibility with SD-WAN providers like Cisco, Fortinet, and BT.

This move essentially productizes Google’s network advantage for enterprise consumption.

Powering the Most Demanding Workloads: HPC Gets a Boost

Beyond general infrastructure, Google Cloud also unveiled powerful new options specifically for High-Performance Computing (HPC):

  • H4D VMs Debut: New “H4D VM” instances, based on AMD’s 5th generation EPYC processors, arrive to tackle demanding computational tasks like fluid dynamics, weather modeling, and molecular dynamics.
  • Significant Performance Uplift: These VMs boast impressive gains: 1.8x higher performance per VM and 1.6x per core compared to previous-gen C3D HPC VMs, and a staggering 5.8x per VM / 1.7x per core jump compared to C2D VMs. They deliver 12,000 Gflops per node and 950 GB/s of memory bandwidth.
  • Enhanced Connectivity: Featuring 200 Gbps networking with Cloud RDMA technology, H4D VMs ensure efficient communication between compute nodes, critical for large-scale cluster performance. Google Cloud’s dynamic workload planner and Cluster Director service simplify deploying and managing these complex HPC clusters.

This demonstrates a continued commitment to providing cutting-edge resources for scientific and engineering simulations.

Conclusion: Infrastructure and Security Remain Core Pillars

While Google Cloud Next ‘25 undeniably showcased the transformative power of AI, it also delivered critical advancements reinforcing the fundamental infrastructure and security layers beneath.

The launch of Google Unified Security marks a significant step towards integrated, AI-powered defense. Confidential Computing updates push the boundaries of data protection during processing. Cloud WAN democratizes access to Google’s formidable global network, and new HPC VMs provide immense power for specialized workloads.

For CISOs and IT leaders, these non-AI announcements are just as vital as the generative models, representing Google’s commitment to providing a secure, reliable, and high-performance platform for all enterprise needs, ensuring the digital bedrock is as strong as the innovations built upon it.


Frequently Asked Questions (FAQ)

  • What is Google Unified Security? Google Unified Security is a new, converged security platform announced at Google Cloud Next ‘25, integrating threat intelligence, security operations, cloud security, Mandiant expertise, and secure browsing into a unified data fabric, powered by Gemini AI, to combat tool fragmentation and improve visibility.
  • Why did Google launch Cloud WAN? Google launched Cloud WAN to allow enterprise customers to directly leverage Google’s high-speed, low-latency global private network for their wide area network needs, aiming to improve performance (up to 40%) and reduce operational costs (up to 40%) compared to traditional solutions.
  • How is Google enhancing Confidential Computing for AI? Google announced Confidential Computing support for GPU instances (NVIDIA H100 based A3 series), allowing data to remain encrypted even while being processed by GPUs, crucial for securing sensitive AI/ML workloads. They also announced upcoming GKE node support for AMD SEV-SNP and Intel TDX.
  • When will the new Google Cloud DSPM tool be available? The new Data Security Posture Management (DSPM) tool within Security Command Center was announced to be available in preview starting in June (following the April Next ‘25 event).
  • Who benefits most from the new H4D Virtual Machines? Organizations running large-scale High-Performance Computing (HPC) workloads, such as scientific simulations (e.g., fluid dynamics, weather modeling) or complex engineering calculations, will benefit most from the significant performance increases offered by the new AMD EPYC 5th gen-based H4D VMs.
