How do you handle a scenario where Google Security Command Center flags a critical misconfiguration in a production GKE cluster at Ascension?