Categories: FAANG

Cloud CISO Perspectives: How Google + Wiz changes multicloud strategy for CISOs

Vinod DSouzamax 1000x1000 1

Welcome to the first Cloud CISO Perspectives for May 2026. Today, Vinod D’Souza, director, Office of the CISO, shares highlights from his RSA Conference fireside chat with Anthony Belfiore, chief strategy officer, Wiz.

As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this on the website and you’d like to receive the email version, you can subscribe here.

aside_block: <ListValue: [StructValue([(‘title’, ‘Get vital board insights with Google Cloud’), (‘body’, <wagtail.rich_text.RichText object at 0x7f1988370400>), (‘btn_text’, ‘Visit the hub’), (‘href’, ‘https://cloud.google.com/solutions/security/board-of-directors?utm_source=cgc-site&utm_medium=et&utm_campaign=FY26-Q2-GLOBAL-GCP39634-email-dl-dgcsm-CISOP-NL-177159&utm_content=-&utm_term=-‘), (‘image’, <GAEImage: GCAT-replacement-logo-A>)])]>

How Google + Wiz changes multicloud strategy for CISOs

By Vinod D’Souza, director, Office of the CISO, and Anthony Belfiore, chief strategy officer, Wiz

Vinod D’Souza, Director, Office of the CISO

The cybersecurity landscape is undergoing a massive paradigm shift that is being driven by increasingly complicated cloud infrastructure and the ongoing, rapid rise of AI. While threat actors have seen gains from the adversarial misuse of AI, Google and Wiz are tackling these challenges head-on by combining Wiz’s deep cloud telemetry with Google’s world-class AI and quantum research to help CISOs and their organizations meet the needs of the agentic enterprise era.

As the world becomes increasingly multicloud and multi-AI, we believe that successful CISOs will use AI to analyze code and infrastructure holistically. Developers are building autonomous, agentic systems that can bridge resource gaps and enable real-time infrastructure healing. We should pair that incredible advancement with human oversight of automated fixes.

Anthony Belfiore, Chief Strategy Officer, Wiz

Building towards near real-time defense with AI

The exponential growth of AI means that we can expect technology to leap as much in the next five years as it did in the previous 30. To combat AI-driven threats, security responses will have to become near real-time, if not even faster. By tapping into the innovative minds at Google — specifically integrating with Gemini and Google DeepMind logic — Wiz aims to eventually enable hyper-resilient, self-healing code and infrastructure.

Bridging the gap by centering developers

Wiz has revolutionized vulnerability management by giving organizations an intuitive graph that analyzes cloud environments and ranks threat priorities in 15 minutes or less, turning a weeks-long process into minutes. However, simply giving security teams faster alerts led to a signal tsunami, where teams were chasing developers day and night just to treat symptoms rather than curing the core problem.

The solution was centering developers at the heart of the security strategy. By shifting security left — into the code — and providing context-aware tools, over 50% of Wiz’s daily active users are developers, not security practitioners, leading to a significant increase in security resolution.

In 2026, developers are the ultimate code-watchers because they hold the keys to both innovation and preservation. As vital watchers on the wall, enabling them is no longer an optional strategy if organizations want to stay ahead of modern threats.

Through innovations like Wiz Code, developers get granular data linking production issues directly back to their repositories, empowering them to fix vulnerabilities right where the code is written. In 2026, developers are the ultimate code-watchers because they hold the keys to both innovation and preservation. As vital watchers on the wall, enabling them is no longer an optional strategy if organizations want to stay ahead of modern threats.

Supercharging the agentic SOC future with data and automation

Data is the lifeblood of AI and cloud security. Wiz currently sits on a trove of sanitized data that captures the characteristics of highly secure, resilient, and compliant multicloud environments. When you meld Wiz’s specialized cloud telemetry with Google’s massive global data access — which includes 90% of the world’s browsers and 25% of fiber data — the resulting correlation will profoundly improve threat detection and efficacy.

While this combined intelligence can improve alerts, it can do much more than that. We expect that it will make human security operations center (SOC) operators exponentially more efficient, allowing them to manage the incoming wave of AI-driven threats through automated, agentic interactions. Wiz’s Red, Blue, and Green agents, and Google Security Operations’ Threat Hunting, Detection Engineering, and Third-Party Context agents, can help you develop the human-above-the-loop approach that empowers security teams to rapidly scale up.

However, fully autonomous fixing (where AI automatically changes code and configurations) is not yet ready for prime time. Because automated fixes could accidentally trigger denial-of-service and other outages, human-in-the-loop workflows remain critical.

Bridging the hybrid gap

In order to support as many of you as possible, including major legacy enterprises and institutions, Wiz developed sensors for Linux, vSphere, and Windows environments to enable a unified security approach for hybrid and cloud-native infrastructure. This gives CISOs a vital seat belt, a single pane of glass to protect their organizations as they safely drag and drop applications into the cloud.

Looking ahead

It’s crucial that your 2026 roadmap supports developers, but doing so doesn’t magically make a clean cloud transformation happen. To bridge this gap, the fusion of Wiz and Google focuses on three pillars of developer enablement:

Protection: Providing a sensor for on-premises and private cloud (Linux, vSphere, Windows) is the virtual seat belt that these organizations need to support a consistent security experience during hybrid migration.
Data provision: Delivering high-fidelity, contextualized alerts directly into existing workflows (such as GitHub and images) can help eliminate the noise of the signal tsunami.
Risk management: Using Wiz Code to provide the exact line-of-code traceability, organizations can fix risks at the source before they ever reach production.

The future of the watchers on the wall

The era of chasing mythical beasts in production through manual spreadsheets is ending. As we move toward a world of self-healing code and agentic SOCs, executives should be boldly moving on from treating security symptoms, and instead empowering developers who hold the keys to future resilience.

To learn more about the Google and Wiz approach to securing AI, check out Wiz’s State of AI in the Cloud 2026 report, and Google Cloud’s newest update on the adversarial misuse of AI.

aside_block: <ListValue: [StructValue([(‘title’, ‘Fact of the month’), (‘body’, <wagtail.rich_text.RichText object at 0x7f1988370250>), (‘btn_text’, ‘Learn more’), (‘href’, ‘https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2026’), (‘image’, <GAEImage: Cloud-CISO-Perspectives-logo-A>)])]>

In case you missed it

Here are the latest updates, products, services, and resources from our security teams so far this month:

Why AI-powered cyber fraud is winning — and how we fight back: Fraud costs are staggering. At Google, we offer AI-driven tools that span our cloud, browser, and mobile ecosystems to help you build resilient fraud defense. Read more.
The files AI coding agents trust — and attackers exploit: As AI coding agents become embedded in developer workflows, defenders must rethink how to protect against malicious files. Here’s what you need to know. Read more.
What’s new in IAM: Security, governance, and runtime defense: We’ve introduced a new security and governance paradigm for managing agent identity and access. Here’s what you need to know. Read more.
Google named a Leader in the 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies: We are proud to announce that Gartner has named Google a Leader in the 2026 Magic Quadrant for Cyberthreat Intelligence Technologies. Here’s what that means. Read more.
Why cloud infrastructure is the foundation for digital health in 2026: As SaMD moves from reactive diagnostics to proactive learning systems, cloud has become a superior foundation for regulated medical software. Read more.
Introducing Agent Gateway ISV ecosystem for security and governance: Google Cloud is partnering with leading identity and AI security solutions to integrate with Agent Gateway and help ensure that your security posture remains as flexible as the agents you’re building. Read more.

Please visit the Google Cloud blog for more security stories published this month.

aside_block: <ListValue: [StructValue([(‘title’, ‘Join the Google Cloud CISO Community’), (‘body’, <wagtail.rich_text.RichText object at 0x7f1988370490>), (‘btn_text’, ‘Learn more’), (‘href’, ‘https://rsvp.withgoogle.com/events/google-cloud-ciso-community-interest-form-2026?utm_source=cgc-blog&utm_medium=blog&utm_campaign=FY25-Q1-global-GCP30328-physicalevent-er-dgcsm-parent-CISO-community-2025&utm_content=cisop_&utm_term=-‘), (‘image’, <GAEImage: GCAT-replacement-logo-A>)])]>

Threat Intelligence news

GTIG AI Threat Tracker: Adversaries leverage AI for vulnerability exploitation, augmented operations, and initial access: Google Threat Intelligence Group (GTIG) continues to track a maturing transition in the adversarial use of AI. In this report, we update you on AI-augmented vulnerability discovery and exploit generation, defense evasion, autonomous malware operations, research and information operations, intentionally obfuscated LLM access, and supply chain attacks. Read more.
Defending your enterprise when AI models can find vulnerabilities faster than ever: Now is the time to strengthen playbooks, reduce exposure, and incorporate AI into security programs. Here’s an overview of the evolving attack lifecycle, how threat actors will weaponize these capabilities, and a roadmap for modernizing enterprise defensive strategies. Read more.
German cyber criminal Überfall and shifts in Europe’s data leak landscape: Germany has reclaimed its position as a primary focus for cyber extortion in Europe. While data leak site posts rose almost 50% globally in 2025, Google Threat Intelligence (GTI) data shows that the surge is hitting German infrastructure harder and faster than its regional neighbors. Read more.
How UNC6692 employed social engineering to deploy a custom malware suite: Google Threat Intelligence Group (GTIG) has identified a multistage intrusion campaign by a newly-tracked threat group, UNC6692, that used persistent social engineering, a custom modular malware suite, and deft pivoting inside the victim’s environment to achieve deep network penetration. Read more.

Please visit the Google Cloud blog for more threat intelligence stories published this month.

Now hear this: Podcasts from Google Cloud

What the law says about AI governance meeting its agentic future: James Sherer, partner, BakerHostetler, joins host Anton Chuvakin and guest co-host Marina Kaganovich, enterprise trust lead, Office of the CISO, to discuss the legal ramifications of emerging technologies (like AI) that are rapidly changing (also like AI.) Listen here.
Revisiting Google Cloud Next: What does the “ragged edge of AI adoption” mean for security? Why do people want agents in their SOC? Hosts Anton and Tim Peacock chat about the most notable and fun announcements from Next ‘26. Listen here.
Defender’s Advantage: Google’s Disruption Mission: Host Luke McNamara is joined by Charley Snyder to explore how Google is building a coordinated approach to disrupting adversary cyber operations. Listen here.
Behind the Binary: What happens when botnet operators show up in court: Host Josh Stroschein is joined by Xusheng Li, a debugger architect and reverse engineering expert, to explore the evolution of Time Travel Debugging (TTD) a new way to debug by recording and replaying execution traces. Listen here.

To have our Cloud CISO Perspectives post delivered twice a month to your inbox, sign up for our newsletter. We’ll be back in a few weeks with more security-related updates from Google Cloud.