Generative and agentic Artificial Intelligence (AI), and how they are driving our businesses, was a central theme at the Gartner Security & Risk Management Summit 2025. CEOs see AI as the technology that will most significantly impact their business in the future, and they believe cybersecurity is critical to their growth.
The opening keynote focused on harnessing the opportunities from all the change associated with AI disruption. While the promises of AI can seem a bit overinflated, the landscape is changing so quickly that what was thought to be nonsense a few months ago is now reality. Security and business leaders can either feed the fear or embrace the hype and align all technology and security goals with the mission of the organization.
One approach is to use outcome-driven metrics (ODM) to align goals. For example, if a business wants to improve customer retention by 20%, that may mean improving the product support experience. If AI can assist in those goals, IT and Security leaders need to think about what drives the AI tools to help in the mission. This includes providing AI-ready data to train the LLMs that are at the heart of AI agents. If an agent can improve customer self-service, this may increase retention. Tasks to drive the metrics include feeding the right quality and quantity of data to the models.
During Fasoo’s session on Monday, June 9, 2025, titled From Data Protection to AI Empowerment: Building Secure and Intelligent Data Foundations, Ron Arden, Executive Vice President, CTO, and COO of Fasoo, Inc., discussed the evolving relationship between data security and the transformative potential of AI. It’s clear that as organizations increasingly look to AI to drive innovation and efficiency, a fundamental shift in how we approach data – from a protected asset to a strategic enabler – is not just advisable, but essential.
The core of the discussion centered on AI’s intelligence is linked to the quality, security, and governance of its foundational data. The allure of sophisticated algorithms can often overshadow the critical importance of the data that fuels them. Neglecting the security and governance of this data in the rush to AI adoption introduces significant risks that can undermine the very benefits organizations seek. These risks include:
- Erosion of Trust: Inaccurate or biased AI outputs stemming from flawed data can erode confidence in the technology.
- Compliance Headaches: Failure to secure sensitive data used by AI can lead to regulatory violations and significant penalties.
- Operational Inefficiencies: AI models trained on incomplete or redundant data can lead to suboptimal performance and wasted resources.
- Security Vulnerabilities: Poorly managed data can create entry points for malicious actors seeking to compromise AI systems or exfiltrate sensitive information.
Ron underscored that moving beyond these pitfalls requires a strategic pivot towards Data-Centric Security. This isn’t merely about bolting on security measures as an afterthought; it’s about embedding security directly into the data itself, ensuring its protection regardless of where it resides or how it’s utilized. This modern approach, often underpinned by Zero-Trust principles, recognizes the fluid nature of data in today’s multi-cloud environments and necessitates robust Data Security Platforms that offer consistent policy enforcement across the data lifecycle. Advanced Data Security provides the granular visibility and control needed to secure data in an increasingly intelligent landscape. Key aspects of Advanced Data Security include:
- Deeper Visibility: Understanding data context and usage patterns. For instance, Fasoo DSPM provides critical visibility into sensitive data across the enterprise, enabling robust risk management strategies.
- Granular Control: Implementing precise data usage policies based on data sensitivity.
- Comprehensive Logging: Maintaining an audit trail of data interactions.
- Advanced Encryption: Protecting data at rest, in transit, and in use.
- Persistent Data Control: Leveraging Enterprise Digital Rights Management (EDRM), such as Fasoo Enterprise DRM (FED), to embed security policies directly within the data, maintaining control even after it leaves the immediate security perimeter or is consumed by AI.
Securing data is only one piece of the puzzle. True AI empowerment demands an AI-Ready Data Management strategy. Critical prerequisites for preparing data to fuel intelligent systems effectively include:
- Quantity: Ensuring access to a comprehensive and representative dataset across the organization, breaking down data silos.
- Quality: Prioritizing data accuracy, consistency, and relevance, including strategies for data lineage and the elimination of redundant, obsolete, and trivial (ROT) data. Solutions like Fasoo Wrapsody play a vital role in ensuring data quality and preparing data for optimal AI readiness.
- Security: Maintaining consistent data permissions and access controls, even within AI environments, to prevent unauthorized access and ensure compliance. This also encompasses the critical need for GenAI Data Loss Prevention (DLP), where a solution like Fasoo AI-R DLP becomes indispensable in preventing sensitive information from being misused or leaked by generative AI models.
A significant portion of the presentation focused on the challenges and opportunities surrounding Unstructured Data, since it is key to training AI models. Unlike structured data in databases, unstructured data (documents, emails, multimedia) presents unique complexities for AI adoption. Traditional Enterprise Content Management (ECM) systems often lack the sophistication to adequately prepare this data for AI. Ron emphasized the need for an AI Data Infrastructure with capabilities such as:
- Content Virtualization: Streamlining access and management across disparate repositories.
- Optimized Unstructured Data Management: Employing intelligent techniques for categorization, metadata enrichment, and retrieval.
- Data Hygiene Control: Implementing measures for content validation, code inspection, and provenance tracking to ensure the integrity of AI outputs.
- Proactive Data Threat Detection: Implementing Data Detection and Response (DDR) to actively monitor data activities, detect suspicious behaviors, and respond to potential policy violations or exfiltration attempts in real-time, especially within dynamic AI workflows.
As AI becomes more deeply integrated into organizational workflows, establishing Enterprise AI Governance with clear guidelines and controls is important. Key challenges include the risk of exposing sensitive data, the difficulty in verifying AI-generated content, and the lack of visibility into AI usage. Methods to address these challenges include:
- Automatic Data Classification and Access Control: Ensuring appropriate data governance from the outset, amplified by EDRM’s persistent policy enforcement.
- AI Output Tracking and Tracing: Providing accountability and enabling validation, further enhanced by DDR’s ability to detect and respond to suspicious activities related to AI-generated content or data used by AI.
- Real-time Activity Logging: Offering comprehensive visibility into AI interactions for monitoring and audit purposes, significantly enriched by the granular telemetry and incident response mechanisms of DDR.
Several session attendees came to the Fasoo booth to further the discussion on data readiness and security. While everyone has AI on their mind, a lot of people are still focused on the basics of finding, protecting, and managing their sensitive data. Visitors were excited to see how Fasoo Data Radar and Enterprise DRM can help them find, classify, protect, and manage their sensitive unstructured data with minimal impact to existing workflows.
There was a lot of interest in how Fasoo can help protect sensitive intellectual property (IP). A CISO from a manufacturing company was looking for solutions to ensure CAD (Computer-Aided Design) drawings were limited to engineering teams and specific partners. The company had an incident where a former employee walked away with critical designs and joined a competitor. Booth staff showed her how easy it is to automatically protect CAD files as engineers create them and apply Advanced Data Security controls to prevent unauthorized exfiltration of these critical design assets.
Data-centric security and content virtualization are key approaches for good data governance and the transformations promised by AI. Data quantity, quality, and security are key factors in deploying AI in organizations. By embracing a data-centric security posture, prioritizing AI-ready data management, and implementing robust governance frameworks—all strengthened by solutions like EDRM for persistent data control and DDR for proactive threat detection and response— organizations can move beyond the hype and realize the true strategic value of Artificial Intelligence. The future belongs to those who recognize that data is not just an asset to be protected, but the very fuel that propels intelligent transformation.
