惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Project Zero
Project Zero
Security Archives - TechRepublic
Security Archives - TechRepublic
C
Cyber Attacks, Cyber Crime and Cyber Security
Security Latest
Security Latest
Scott Helme
Scott Helme
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
V
Vulnerabilities – Threatpost
C
CERT Recently Published Vulnerability Notes
S
Schneier on Security
G
GRAHAM CLULEY
L
Lohrmann on Cybersecurity
D
Darknet – Hacking Tools, Hacker News & Cyber Security
I
Intezer
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
F
Full Disclosure
T
The Exploit Database - CXSecurity.com
P
Proofpoint News Feed
WordPress大学
WordPress大学
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
大猫的无限游戏
大猫的无限游戏
MyScale Blog
MyScale Blog
Hacker News: Ask HN
Hacker News: Ask HN
G
Google Developers Blog
H
Heimdal Security Blog
O
OpenAI News
Hugging Face - Blog
Hugging Face - Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
L
LangChain Blog
C
Cisco Blogs
云风的 BLOG
云风的 BLOG
IT之家
IT之家
Cyberwarzone
Cyberwarzone
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Know Your Adversary
Know Your Adversary
博客园 - 聂微东
The Cloudflare Blog
C
Check Point Blog
K
Kaspersky official blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
月光博客
月光博客
T
Tor Project blog
T
Threat Research - Cisco Blogs
T
Tailwind CSS Blog
P
Proofpoint News Feed
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
A
About on SuperTechFans
小众软件
小众软件
Cloudbric
Cloudbric
A
Arctic Wolf

Security & Identity

Cloud CISO Perspectives: How AI leverages deep context as the defender’s advantage | Google Cloud Blog Introducing k8s-aibom on GKE for automated AI bills of materials | Google Cloud Blog Contributing to U.K. financial sector resilience as a critical third party | Google Cloud Blog Meet the 33 cybersecurity startups joining the Gemini Startup Forum | Google Cloud Blog Drive proactive security, prioritize risks with Google Threat Intelligence and Wiz ASM | Google Cloud Blog Shift into high gear with agents: Securing the software-defined vehicle | Google Cloud Blog New IDC study: How Mandiant transforms security into a competitive advantage | Google Cloud Blog Google Cloud confirmed to offer a safer choice for EU public sector organizations with Dutch DPIA approval | Google Cloud Blog Cloud CISO Perspectives: How Google Cloud Security uses AI internally | Google Cloud Blog Securing agentic AI: What's new in VPC Service Controls | Google Cloud Blog Verifiable trust in the AI era: What’s new in Confidential Computing | Google Cloud Blog Choice, compliance, and collaboration: Europe’s path to open digital sovereignty | Google Cloud Blog Driving the UK’s next chapter: From AI potential to agentic reality | Google Cloud Blog Google named a Leader in IDC MarketScape SIEM 2026 Vendor Assessment | Google Cloud Blog Cloud CISO Perspectives: The 4 lessons that guided AI Threat Defense | Google Cloud Blog Powering the next era of Confidential AI Detecting and containing AI-powered threats with Google Security Operations agents Cloud CISO Perspectives: How to build an AI-ready security program for the public sector Introducing Google AI Threat Defense to help you outpace the adversary Cloud CISO Perspectives: How Google + Wiz changes multicloud strategy for CISOs Why cloud infrastructure is the foundation for digital health in 2026 Beyond source code: The files AI coding agents trust — and attackers exploit What's new in IAM: Security, governance, and runtime defense Google named a Leader in the 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies Introducing Agent Gateway ISV ecosystem for security and governance Cloud CISO Perspectives: At Next ‘26, why we’re multicloud and multi-AI Next ‘26: Redefining security for the AI era with Google Cloud and Wiz | Google Cloud Blog Introducing Google Cloud Fraud Defense, the next evolution of reCAPTCHA | Google Cloud Blog Next ‘26: Announcing new partner-supported workflows for Google Security Operations | Google Cloud Blog Cloud CISO Perspectives: How CISOs can pursue technical and cultural resilience (Q&A) | Google Cloud Blog Essential AI and cloud security now on by default Securing AI inference on GKE with Model Armor A Leader in Forrester Wave Sovereign Cloud Platform 2026 See beyond the IP and secure URLs with Google Cloud NGFW Cloud CISO Perspectives: RSAC: AI, security, and the workforce of the future How to build AI agents with Google-managed MCP servers Bringing dark web intelligence into the AI era RSAC ’26: Supercharging agentic AI defense with frontline threat intelligence IAP integration with Cloud Run Welcoming Wiz to Google Cloud: Redefining security for the AI era Cloud CISO Perspectives: New Threat Horizons report highlights current cloud threats Google named a Leader in IDC MarketScape: U.S. SLG Professional Security Services Introducing the Google Cloud recommended security checklist Cloud CISO Perspectives: How Google approaches critical security topics, from fundamentals to AI Sovereignty and European competitiveness: A partnership-led approach to AI growth Cloud CISO Perspectives: New AI threats report: Distillation, experimentation, and integration Delivering a secure, open, and sovereign digital world Introducing Single-tenant Cloud HSM for more data encryption control Cloud CISO Perspectives: 5 top CISO priorities in 2026
Why context is the missing link in AI data security
Scott Ellis, Ivan Medvedev · 2026-03-12 · via Security & Identity

AI is fundamentally driven by data. It is used to train and tune models, enable agents to plan and reason, and fuel interactions with end users. However, it can also create risks, such as sensitive data leaks, unwanted data collection, and data misuse.

In the AI era, organizations need more than security controls that rely on manual tagging and simple keyword matching. Effective data protection now depends on understanding context. 

To help you meet this challenge, Google Cloud’s Sensitive Data Protection (SDP) now uses advanced AI technology to power a new set of context classifiers (including medical and finance) and image object detectors (such as faces and passports). By understanding the context of data — even within images and rich documents — our enhanced rules engine can identify and mask sensitive information more effectively, helping to ensure that your AI agents access only the data they need.

Now generally available, these new SDP capabilities allow you to safely unlock the value of your data at every stage of the AI journey, from initial training and fine-tuning to real-time agent responses. By helping to ensure that sensitive identifiers like personally identifiable information (PII) are selectively removed, you can feed your models high-quality data without the associated risks. 

Here are a few ways you can integrate these new SDP capabilities into your AI strategy.

AI tuning and data sanitization in Vertex AI

When you tune a model like Gemini with your own business data, you can introduce new risks hidden in your data. On Vertex AI, Sensitive Data Protection can help mitigate these risks by enabling managed data discovery. It continuously scans your organization or selected projects for sensitive markers, including those within unstructured image data.

For example, SDP discovery can find credit card numbers, faces, and photo ID cards using advanced optical character recognition (OCR) and object detection. When sensitive data is discovered, rather than discarding it and reducing the value of your training datasets, you can use SDP to generate redacted versions. 

Consider the image below showing a damaged package next to a person. The system allows you to keep the image for training purposes while selectively obscuring the face or the entire person to ensure privacy.

https://storage.googleapis.com/gweb-cloudblog-publish/images/1_hFBqBYL.max-1700x1700.png

Figure 1: Sensitive Data Protection redacts sensitive or unwanted objects in images from AI training data

You can check out the full list of object types that SDP can identify and redact from your AI training data.

Securing live AI interactions

After tuning and deploying your model, the challenge shifts to managing live interactions. As end users engage with your business agents, you should verify that the content of every conversation is appropriate and compliant before your model processes it.

Sensitive Data Protection can help solve this challenge by providing an enhanced understanding of natural language context. For example, if a user types, “My arm is broken and I can't use the touchscreen,” the service detects a specific health context (DOCUMENT_TYPE/CONTEXT/HEALTH). Recognizing this as sensitive data, you can configure your system to redact the input — or block the conversation entirely.

Conversely, if the user says, “My wifi is broken,” the system recognizes the semantic difference. It understands this is a technical issue rather than a medical one, allowing the agent to proceed with troubleshooting the order.

You can explore the full list of context classification types to understand how Sensitive Data Protection can help verify the context of AI conversations.

Enhancing precision by combining context and rules

While context alone is important, complex scenarios often require combining it with traditional detectors. Standard approaches, like regular expressions (regex), are effective at finding patterns but often lack nuance, leading to false positives.

Sensitive Data Protection addresses this by combining context with pattern matching. By understanding the semantic category (such as "financial," "medical," "legal"), the system can boost or suppress findings to align with the actual risk.

For example, consider the phrase: “My order number is 75337 followed by 324323.” Here, the service detects a low-confidence GENERIC_ID. Since the context implies a standard tracking number, Sensitive Data Protection determines that no redaction is necessary.

https://storage.googleapis.com/gweb-cloudblog-publish/images/2_ApYMEjc.max-600x600.png

Figure 2: Sensitive Data Protection preserves data based on context

Now, consider a slight change: “My wallet number is 75337 followed by 324323.” The numbers are identical, but the word "wallet" triggers a strong DOCUMENT_TYPE/CONTEXT/FINANCE signal. This financial context boosts the confidence of the ID finding, validating it as sensitive data that requires redaction.

https://storage.googleapis.com/gweb-cloudblog-publish/original_images/3_J2do9Xy.gif

Figure 3: Sensitive Data Protection redacts sensitive data based on user context

As AI agents become more autonomous and data formats more complex, developers need more than static rules to properly mitigate business risks. Google Cloud’s Sensitive Data Protection can help you embrace these technologies without compromising on security. 

Getting Started

Sensitive Data Protection is the underlying discovery and inspection engine that powers data discovery and security guardrails in Model Armor, Security Command Center, and Contact Center as a Service. You can check out our new in-line configuration and testing interface directly in the Cloud Console, and learn how to configure SDP for use with Model Armor.

Posted in