+
The New Rules for Data Security
From planning to deployment: Why AI security is data security
AI is exposing sensitive data within organizations. Here’s how business leaders can keep their organizations secure.�
AI is reshaping the enterprise, streamlining operations, accelerating innovation, and redefining productivity. But as organizations rush to adopt these powerful tools, many are overlooking a critical risk: the exposure of sensitive data.
Despite the promise AI holds, few companies are prepared for the security challenges it brings. A 2025 Varonis study found that 99% of organizations surveyed had sensitive information accessible to AI tools—a staggering vulnerability hiding in plain sight.�
“AI is exposing the cracks in how organizations manage data,” says Yaki Faitelson, cofounder and CEO of Varonis, a leading data security company. “We see it in our research—nearly all organizations have critical data exposed to AI. That means AI copilots, agents, and chatbots can surface confidential information with a single prompt.”�
Most enterprises lack the visibility and controls needed to monitor how AI systems interact with their data. Today, nearly all (98%) organizations have
Back to home
From planning to deployment: Why AI security is data security
AI can’t scale without data security–here’s why
Read more
Read more
© 2025 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
Explore more
Back to home
Watch now
Strengthening data defense in the
age of AI
unverified apps on their networks, just waiting to wreak havoc on company systems and
IT resources.
�Traditional protections, such as encryption and access management, no longer go far enough. What’s needed now is a smarter, more adaptive approach—one that can detect abnormal use, anticipate threats, and enforce safeguards before a breach occurs.
“AI doesn’t discriminate. It will use whatever data it can access. Without proper controls, every prompt becomes a potential breach.”
BRIAN VECCI
Field chief technology officer, Varonis
“AI doesn’t discriminate. It will use whatever data it can access. Without proper controls, every prompt becomes a potential breach,” says Brian Vecci, field chief technology officer for Varonis.
�As AI adoption surges, so must the evolution of data security. Staying ahead of innovation means securing the foundation it depends on.
If business leaders want to deploy and use AI securely, they need to cover all vectors, including who has access to what data. An overwhelming majority (88%) of organizations have ghost users, old accounts with access to critical data and applications. And the number of these accounts is equally concerning. Firms have an average of 15,000 ghost users, some of which have administrative roles with powerful permissions. A bad actor only needs to compromise one identity to gain a foothold into the company.
Shoring up AI security
Damage is not limited to data theft. Model poisoning, where hackers inject or manipulate an AI model’s training data to corrupt its performance, can have serious consequences.
�“Poisoned AI training data can have dangerous ripple effects,” says Vecci. “In a large healthcare organization, we discovered a single stream of data had been altered. That small change could have impacted patients’ treatments and medications. Safeguarding AI can literally be the difference between life
and death.”
�As Faitelson points out, “AI feasts on data.” Yet, most security programs focus the bulk of a company’s resources on endpoints and firewalls, leaving sensitive information exposed to chatbots and agents. Firms must focus on managing identities in complex cloud and hybrid environments and mitigate data overexposed to AI to reduce risk.
�“If you don’t know where your critical data is, who can access it, and how to automatically lock it down, AI will expose that very quickly,” says Faitelson.
AI can do some things faster and better than humans. AI can seek out and quarantine phishing emails, which remain the #1 attack vector. Think of it as using AI to combat AI threats.
Verify, classify, and test
“AI threats move faster than humans can respond. You need AI-powered defenses �that can classify data, detect anomalies, �and remediate risk in real time.”
Yaki Faitelson
Cofounder and CEO, Varonis
“AI threats move faster than humans can respond,” says Faitelson. “You need AI-powered defenses that can classify data, detect anomalies, and remediate risk in real time. At Varonis, we believe the only way to defend AI is with AI. Our customers benefit from automation and machine learning to shrink the blast radius, monitor AI agents, and catch threats before they escalate.”
As organizations look to scale their AI, it will be crucial that they consider data security from the start. Doing so will make deploying AI easier, faster, and less expensive while ensuring that organizations can trust that their data is safe.
�“Don’t say ‘no’ to AI. Instead, make the case that AI can be deployed securely—but the strategy has to start with data,” says Vecci.
© 2025 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
Back to home
AI can’t scale without data security–here’s why
Read more
Read more
From planning to deployment: Why AI security is data security
Explore more
Strengthening data defense in the age of AI
The New Rules for Data Security
Back to home
+