As cyberattacks against critical infrastructure grow more sophisticated, Google Cloud is advocating for a ‘shared fate’ model between utilities and data centers. By moving away from isolated security efforts, the move aims to create a unified digital immune system, leveraging AI-driven threat intelligence and cloud-native resilience to protect the global power grid from a ‘perfect storm’ of rising demand and legacy vulnerabilities.
Highlighting that Google Cloud’s vision is to reimagine the entire energy sector value chain through planning, building, operating, and enabling a secure, scalable foundation to advance everyone’s AI journey, Raiford Smith, global market lead for power and energy at Google Cloud, and Vinod D’Souza, head of manufacturing and industry at Google Cloud’s Office of the CISO, wrote in a Friday blog post, adding that while consumer demands on energy infrastructure are spiking; they are seeing AI-augmented adversarial threats targeting power and energy generation on the rise.
They added that these dual pressures, to make energy more resilient against cyberattacks, just as experts are forecasting accelerated energy needs through the end of the decade, speak to the complicated, important issues surrounding securing the grid.
Flagging an extreme example, they pointed to the Russian threat group Sandworm, which hijacked Ukrainian power substation system control tools, sent unauthorized commands that coincided with missile strikes, and used malware to erase forensic evidence. These operations demonstrate a continuation of the cyber-physical hybrid warfare first seen in Crimea in 2014.
Identifying that Google Cloud depends on the power sector’s continued innovation, Smith and D’Souza observed that “Our infrastructure, just like all energy customers, requires a safe, affordable, reliable, resilient, and sustainable energy ecosystem. Because of this dependency, we want to be an active partner in advancing these capabilities for everyone. This partnership is especially timely because energy infrastructure is currently facing a perfect storm of challenges — unprecedented growth, highly distributed assets, legacy technology, and a rapidly evolving threat landscape.”
“With our expertise in AI, cloud security, and visibility into threat actor activities, Google Cloud is uniquely positioned to be a key partner for energy companies, enabling innovation with resilience and security, via collective defense,” they added.
Pointing out that resilience against natural disasters and human threat actors is paramount for the energy sector. “At Google, we’ve built the most energy-efficient data centers on the planet, and our technical infrastructure is optimized for AI calculations. Adversaries and defenders are eagerly and aggressively seeking the benefits of AI, too. Threat actors have been using AI for productivity gains — enhancing and speeding up their attacks and making social engineering gambits seem more natural — and have begun attempting to use AI to enhance malware.”
To counter this, Smith and D’Souza said, “We are helping security evolve from a reactive, human-dependent status quo to an AI-augmented, human-in-the-loop ecosystem. Security and resiliency strategies need to shift from compliance-centered processes to threat-informed, compliance-inclusive ones.”
This comes as AI has already begun to fundamentally transform the role of a security engineer, with AI agents performing simple data enumeration to complex reverse engineering malware analysis.
Smith and D’Souza offer a unified security vision for critical infrastructure. “Our platform integrates threat intelligence from Google Threat Intelligence Group, Mandiant’s frontline experience, and other elements — SIEM, SOAR, and Mandiant Consulting — into a single security partner. This integration is a critical differentiator, offering deep, actionable analysis of active attacks.”
Recognizing that mistakes and mismanagement of critical infrastructure can have catastrophic consequences, reliability and resilience are the keys to great performance. “At Google, we have the same point of view, inventing Site Reliability Engineering (SRE) to address those very concerns. SRE enables deliberate, fact-based decision-making, safety, and operational discipline to drive culture and performance because the stakes are so high.”
Cybersecurity is no longer a solo sport for energy providers and data centers, but more of a shared fate that requires a unified front. “The Sandworm attacks demonstrated what’s possible when sophisticated and determined adversaries target critical infrastructure, and attacks like those will only get more sophisticated.”
Smith and D’Souza said that the path ahead requires focusing on core competencies. Google will “provide platform, tools for research, modeling, monitoring, and optimization, coupled with world-class cybersecurity. Our mission is to be the world’s most trusted security partner in the AI era, delivering a secure-by-design infrastructure, pioneering AI-driven threat defense, and adopting a shared fate model to actively secure customer data, applications, and AI workloads.”
Meanwhile, energy companies will increase power generation and transmission capacity, boost resiliency, and enhance cybersecurity posture by leveraging cloud and AI technologies.
“We are better together. The symbiotic relationship between utilities and CSPs is the cornerstone of tomorrow’s grid,” they added. “By working together, we can beat bad actor AI with better AI for both operations and cybersecurity. The transition to the cloud is about leveraging a digital immune system that anticipates and evolves against threats.”
