A New Era of Agentic AI Security
Google's announcements signal a fundamental shift in how it views AI—not just as a tool that answers questions, but as an 'agent' that performs tasks autonomously. This new “agentic era” brings incredible speed and capability, but it also creates a new,
more complex threat landscape. If an AI agent can book flights or manage code, it can also cause significant damage if compromised. Recognizing this, Google's strategy is to build security into the very architecture of these new systems, rather than adding it as an afterthought. The introduction of Sec-Gemini V3 and CAPSEM is the company's direct response to this challenge, aiming to provide the guardrails for India's developers and businesses to innovate safely.
Decoding Sec-Gemini V3
Sec-Gemini V3 is Google's highly specialized AI agent built for cybersecurity. Think of it as a super-powered co-pilot for a company's security team. It is designed to reason across vast and complex streams of security data, helping to automate critical tasks like incident investigation, digital forensics, and malware analysis at machine speed. Unlike general AI models trained on web text, Sec-Gemini is trained on curated, security-specific data and constantly updated with Google's latest threat intelligence. This allows it to understand and react to new vulnerabilities in near real-time. For now, access in India is limited to a trusted tester program that includes government bodies and major enterprises like Flipkart.
Introducing CAPSEM
While Sec-Gemini V3 is for detecting and responding to threats, CAPSEM is about preventing them at the source. CAPSEM, which stands for Capabilities Security for Agents, is a secure runtime environment that Google is open-sourcing for developers. Its function is to place each individual AI agent inside its own isolated virtual machine. This acts like a digital quarantine; if one agent is compromised by a malicious prompt or a direct attack, the damage is contained. The wider system and other agents remain fully protected because the compromised agent has strictly limited access and cannot reach raw credentials or other sensitive parts of the network. By open-sourcing CAPSEM, Google aims to help startups and developers build security into their AI applications from day one.
Why This Matters for India
These announcements are not happening in a vacuum. India's rapid digital transformation has made it a prime target for cyberattacks. The World Economic Forum ranked cybersecurity as the number one risk facing the country in 2026, with hundreds of threats detected every minute. Attackers are increasingly using sophisticated methods, including AI-powered phishing and targeting critical cloud infrastructure and supply chains. With a booming digital economy and over 800 million internet users, the stakes are incredibly high. Google's move to deploy advanced, localized security tools and infrastructure addresses this urgent need. By enabling organisations to run AI models within Indian data centres, and even disconnected from the public internet, Google is catering to the stringent data localisation and security requirements of regulated sectors like finance and government.
Google's Broader Strategy
The security announcements were part of a much broader set of initiatives unveiled at the Google I/O Connect India event. These included new educational programs to upskill Indian developers, like a free 56-hour curriculum on building Large Language Models, in partnership with NASSCOM and IISc Bangalore. Google also announced research collaborations with IIT Delhi and IIT Madras focused on AI safety and threat detection. This multi-pronged approach—combining cutting-edge security tools, on-shore infrastructure, and ecosystem-wide education—demonstrates Google's deep investment in India. It's a strategy designed not just to sell products, but to become an indispensable partner in securing and shaping the country's AI-powered future.
















