The Core Disconnect: Google's Advice vs. Its Practice
Google Cloud's COO Francis de Souza recently stated that security must be foundational to AI strategy, not bolted on later. He is correct. However, a series of reports from The Register reveal that Google itself is grappling with AI security gaps—most notably, a 23-minute window during which compromised API keys remain valid after deletion. This disconnect between prescription and practice is a strategic risk for any enterprise relying on Google Cloud for AI workloads. The gap between what Google advises and what it delivers is not just a technical oversight; it is a structural vulnerability that undermines trust and exposes enterprises to data exfiltration.
The 23-Minute Vulnerability: Technical Details and Implications
According to security firm Aikido, Google's API key revocation can take up to 23 minutes to propagate, during which attackers can exfiltrate data and cached conversations from Gemini. Google's newer credential formats revoke in seconds, suggesting the delay is a matter of prioritization, not engineering. For enterprises, this means that even with best practices, a window of exposure exists—and in AI, that window can be catastrophic. The 23-minute window is not a theoretical risk; it is a concrete attack surface that adversaries can exploit. Enterprises that assume Google's security is robust across all credential types are misled. The gap between legacy and modern credential formats creates an uneven security posture that attackers can target.
Multicloud Reality: Why Single-Vendor Security Is a Myth
De Souza emphasized that no enterprise operates on a single cloud. This is a strategic insight: security posture must be consistent across clouds and models. Yet Google's own security gaps highlight the challenge of achieving that consistency. Enterprises that assume a single-vendor approach simplifies security are misled; the attack surface now includes models, data pipelines, agents, and prompts across multiple environments. The 23-minute revocation delay is a symptom of a deeper issue: cloud providers are still adapting to the unique security demands of AI. As enterprises adopt multicloud strategies, they must enforce consistent security policies across all platforms, but the tools and processes to do so are immature. Google's vulnerability underscores the need for independent security audits and real-time credential management solutions that work across clouds.
Agentic Defense and the Talent Gap: The Long Road Ahead
De Souza advocates for AI-native, agentic defense—machines defending at machine speed. But the talent to oversee such systems is scarce. LinkedIn's CISO Lea Kissner warns of a 'bug-pocalypse' and expects it will take years to sustainably understand AI security. Enterprises must invest in both technology and human capital now, or risk being outpaced by threats. The agentic defense vision is compelling, but it requires a level of automation and intelligence that is not yet mature. The talent gap means that even the best AI security tools will be underutilized without skilled professionals to configure, monitor, and respond to incidents. Enterprises should not wait for the perfect solution; they must build internal capabilities and partner with specialized security firms to bridge the gap.
Strategic Consequences: Winners, Losers, and Market Shifts
The 23-minute vulnerability creates clear winners and losers. Security firm Aikido gains credibility and potential business from enterprises seeking to audit cloud providers. Competing cloud providers like AWS and Azure can highlight Google's weakness to attract security-conscious enterprises. Google Cloud suffers reputational damage and potential customer churn, especially among regulated industries. Enterprises using Google Cloud are exposed to risk during the revocation window, forcing them to implement compensating controls. The market impact is a acceleration of demand for real-time credential management and AI-specific security solutions. Cloud providers will prioritize faster revocation across all credential types, but the transition will take time. Enterprises should demand transparency on security SLAs and enforce consistent policies across clouds.
Outlook and Actionable Steps for Executives
The gap between Google's advice and its own practices is a warning: no vendor is fully ready. Executives must demand transparency on security SLAs, enforce consistent policies across clouds, and prepare for a long transition period. The cost of inaction is not just financial—it's strategic obsolescence. Over the next 30 days, enterprises should audit their Google Cloud API key management, implement compensating controls like key rotation and monitoring, and evaluate alternative cloud providers for sensitive AI workloads. The 23-minute window is a symptom of a broader challenge: AI security is still evolving, and enterprises must take a proactive, multicloud approach to mitigate risk.
FAQ
Aikido Security found that Google API keys can remain valid for up to 23 minutes after deletion, allowing attackers to exfiltrate data. Newer credential formats revoke in seconds, indicating the delay is a prioritization issue.
Demand transparency on security SLAs, enforce multicloud security consistency, and invest in agentic defense oversight. Treat all cloud vendors as learning in real time.

