Stealing Data While No One is Looking

A new poll reveals widespread, bipartisan agreement among American voters on at least one issue: data security/privacy.  According to the survey, 96% of voters find it important not to keep Americans’ personal data in Chinese data centers, reflecting a paramount concern with information security in an era of global data.  A majority of 83% also believe that data centers serving American consumers and companies should be located in the US.  People can hardly escape the deluge of news about data breaches from organizations that failed to hold up their end of the protective bargain, and it shows.  “The numbers show a strong, bipartisan consensus that keeping America’s data and energy secure isn’t a partisan issue,” says Connor Sandagata, Senior Public Opinion Fellow at the Joseph Rainey Center for Public Policy.

Meanwhile, the exponential surge of AI across…everywhere has already gained it the number one source of data exfiltration channel in enterprises, according to a new Enterprise AI and SaaS Data Security Report.  Sensitive data is a valuable resource.  It ought not to be permitted to flow unchecked into the ChatGPTs and Copilots of the world – and yet here we are.  Unmanaged accounts and invisible copy/paste channels allow for their unrestricted flow into these chatbots, in whose direction the usual data loss prevention tools don’t even look.  “Security programs designed to scan attachments and block unauthorized uploads miss the fastest-growing threat entirely,” says The Hacker News.  Generative AI tools are gobbling up sensitive data: 40% of their uploaded files contain personally identifiable information (PII) and payment card industry (PCI) data. 

An even larger number, 77% of employees, simply copy/paste data into these tools with abandon, primarily through unmanaged or personal accounts.  Out of 14 daily pastes, around three contain sensitive data, according to the results.  Unfortunately, this expanded use of AI tools has not developed in tandem with the proper oversight controls that accompanied prior innovative growth like email or online meetings.

Lacking governance, or often even the impetus to enact it, GenAI tools have quickly become the major pipeline for enterprise data exfiltration.  Free flows of data that should not be freely flowing beg for tighter security controls – for data encryption that locks down sensitive information and frustrates cybercrime’s attempt to poach critical files.  NetLib Security’s Encryptionizer offers a solid wall of encryption right out of the box, across the physical, virtual and cloud environments.  Unlike additional oversight of GenAI tool security, no additional programming is required.

Don’t let your valuable resources be siphoned away through dangerous channels, lock down your data today.