Cloud Security Podcast by Google

EP226 AI Supply Chain Security: Old Lessons, New Poisons, and Agentic Dreams

May 19, 2025
Christine Sizemore, a Cloud Security Architect at Google Cloud, dives into the complexities of AI supply chain security. She highlights the stark differences between AI and traditional software supply chains, using engaging examples like the Suez Canal incident. The discussion uncovers unexpected threats, such as data poisoning, and emphasizes the need for continuous security integration. Sizemore explores organizational pitfalls to avoid and humorously questions whether AI can secure itself—she even shares practical strategies for safeguarding AI systems.
24:39

Podcast summary created with Snipd AI

Quick takeaways

  • Securing the AI software supply chain requires trusted sources for datasets and libraries to prevent vulnerabilities and data poisoning.
  • Organizational pitfalls such as silos between security teams and AI developers must be avoided to ensure effective security integration.

Deep dives

Understanding the AI Supply Chain

AI supply chains are highlighted as being particularly fragile and vulnerable, much like traditional supply chains. A notable example discussed is the Suez Canal blockage, which demonstrated how a single disruption can lead to global shortages and highlighted the critical need for every component to work together. AI supply chains involve specific elements such as the datasets used for training models and the software libraries necessary for that training, like TensorFlow and PyTorch. Ensuring these elements come from trusted sources and are free from vulnerabilities is essential for maintaining the integrity of AI systems.
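One concrete form of the trusted-source check described above, as an added example that is not from the podcast or from Google Cloud: a Python script that verifies training-data shards against a pinned SHA-256 manifest (a shard that drifts after vetting is how a poisoned input surfaces) and flags library requirements that are not pinned to an exact version with a hash. The file names, manifest entries and digest placeholder are constructed for the demo.

```python
from __future__ import annotations
import hashlib
import tempfile
from pathlib import Path

def sha256_hex(data: bytes) -> str:
    """SHA-256 digest of a byte string as lowercase hex."""
    return hashlib.sha256(data).hexdigest()

def verify_manifest(root: Path, manifest: dict[str, str]) -> dict[str, str]:
    """Compare each manifest entry (relative path -> expected digest) with disk.

    Returns {path: "ok" | "missing" | "mismatch"}. "mismatch" means the shard
    changed after it was vetted; "missing" means a vetted shard was dropped.
    """
    report = {}
    for rel, expected in manifest.items():
        path = root / rel
        if not path.is_file():
            report[rel] = "missing"
        elif sha256_hex(path.read_bytes()) != expected:
            report[rel] = "mismatch"
        else:
            report[rel] = "ok"
    return report

def unpinned_requirements(requirements: str) -> list[str]:
    """Return requirement lines without an exact '==' pin and a pip '--hash='."""
    bad = []
    for line in requirements.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if "==" not in line or "--hash=sha256:" not in line:
            bad.append(line)
    return bad

def demo() -> tuple[dict[str, str], list[str]]:
    """Constructed dataset: pin a manifest, tamper with one shard, run both checks."""
    shards = {"train/shard-000.jsonl": b'{"text": "benign example"}\n',
              "train/shard-001.jsonl": b'{"text": "another example"}\n'}
    manifest = {rel: sha256_hex(data) for rel, data in shards.items()}
    manifest["train/shard-002.jsonl"] = sha256_hex(b"vetted but never shipped")
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel, data in shards.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_bytes(data)
        # Simulate drift: shard-001 is rewritten after the manifest was pinned.
        (root / "train/shard-001.jsonl").write_bytes(b'{"text": "injected"}\n')
        report = verify_manifest(root, manifest)
    # Constructed requirements; the digest value is a placeholder, not a real hash.
    reqs = ("torch==2.3.0 --hash=sha256:PLACEHOLDER_DIGEST\n"
            "tensorflow>=2.15\n# comment\nnumpy==1.26.4\n")
    return report, unpinned_requirements(reqs)
```

Wire `verify_manifest` and `unpinned_requirements` into the training pipeline's pre-flight step so any non-"ok" entry or unpinned line aborts the run before data is loaded.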
