Check Point warns that the new generation of artificial intelligence models integrated directly into productivity environments, such as Gemini 3 Pro in Google Workspace, has turned AI into a new business perimeter that requires specific controls.
According to the company, AI is no longer an isolated tool, but rather an operational layer that has access to emails, documents, APIs, workflows and critical systems, which multiplies risk vectors within the corporate perimeter.
The arrival of Gemini 3 Pro accelerates a trend that was already seen in platforms such as Microsoft 365 with Copilot: AI stops acting from the outside and begins to operate within the corporate infrastructure, with the ability to summarize conversations, manipulate documents, interpret PDF files, automate tasks or call internal services. When AI executes real actions, the attack surface expands and much of this risk is invisible to traditional controls that protect the classic security perimeter.
“Companies are incorporating AI at high speed, but without providing it with the level of supervision and security that its new operational role demands. Gemini 3 Pro demonstrates that AI is no longer an assistant, but rather an agent integrated into the digital fabric of the company. The challenge now is to control what it can do and how it does it,” says Eusebio Nieva, technical director of Check Point Software for Spain and Portugal.
The new risk perimeter
Check Point Software warns that indirect prompt injection is one of the fastest growing risk vectors. Unlike the instructions entered by the user, these manipulations are hidden in the content analyzed by the AI: an altered PDF, an email signature, a link with hidden code or a modified image can change the behavior of the model without direct interaction.
With tools like Gemini 3 Pro, which process emails, documents and files in the cloud, any manipulated element can trigger automations or unexpected responses that traditional controls do not detect within the organization’s operational perimeter.
The contributions of Lakera, a company belonging to Check Point Software, have shown that this technique allows attacking not the prompts, but the content itself consumed by the model, significantly expanding the risk in corporate environments and eroding the limits of the digital perimeter.
In addition, Lakera has documented multimodal cyberattacks in which manipulated audio or images influence models without leaving an obvious trace, adding vectors that classic security solutions do not cover.
Added to this are the agentive capabilities of Gemini 3 Pro, which allow AI to execute actions, activate automations or access internal APIs. According to Lakera analysis, a configuration with overly broad permissions or without continuous monitoring can lead to trusted perimeter overflow and unpredictable behavior or unauthorized access.
Therefore, Check Point Software emphasizes that security must focus on what AI can do and what it can access, not just what it is capable of generating.
The gap between adoption and security widens
The rapid adoption of AI tools in enterprises is creating a clear gap between use and protection. According to Check Point Software, most organizations still lack AI governance policies, adversarial validations, multimodal controls, or systems capable of monitoring the behavior of autonomous agents. This gap increases risk as AI takes on more critical operational tasks.
Gemini 3 Pro accelerates that imbalance: it boosts productivity, but also expands the risk perimeter by natively integrating into the Google Workspace ecosystem and operating on critical information.
Although the first internal analyzes show that the model offers good resistance to direct manipulation, its security depends on the configuration, the guardrails applied and the constant validation of its actions. The company itself insists that the model does not constitute a security strategy in itself, and that real protection depends on the control of entries, exits and permits.
Most Organizations Still Lack AI Governance Policies
In this scenario, the arrival of Gemini 3 Pro completely transforms the responsibility of management teams. The question is no longer how advanced a model is, but rather what it is authorized to do within the organization, what information it can work with, what its limits are, and who supervises its actions. AI has become a new business perimeter: dynamic, complex and difficult to identify with traditional tools.
“The integration of AI into operational infrastructure requires a different approach. Prevention, governance and continuous supervision will be essential to maintain control in this new scenario,” concludes Eusebio Nieva.
Check Point Software summarizes this new approach in four essential principles:
• Prevention first, to block risks before they affect systems.
• AI-powered securityprotecting both the AI and using it as an additional defensive layer.
• Connective tissue protectionconsidering each data flow as part of the same ecosystem.
• Open platformwith unified visibility and control throughout the organization.
AI is becoming an operational layer within security operations, enhancing human experience, streamlining manual workflows, and reducing mean time to remediation (MTTR). It helps bridge skills gaps and enables prevention and detection that keeps pace with modern threats.
AI has become a new business perimeter: dynamic, complex and difficult to identify with traditional tools
Organizations must prioritize solutions that not only protect AI, but also integrate it across their entire platform under a clear and unified AI strategy. This ensures long-term adaptability and prepares them to take full advantage of future advances in AI technologies.
