The Good Tech Companies - The Silent AI Breach: How Data Escapes in Fragments

Starting point is 00:00:00 This audio is presented by Hacker Noon, where anyone can learn anything about any technology. The Silent AI Breach. How Data Escapes in Fragments by Cyberhaven. Gen AI isn't stealing your data in one dramatic burst. It leaks fragments, copy dinto prompts, screenshots, exports, and fine-tuning datasets that move between endpoints, SaaS apps, and cloud storage. Legacy DLP sees some hops. DSPMs see some resting places. neither sees the whole story. The only way to reliably track and stop AI-driven data

Starting point is 00:00:33 exfiltration is to follow the data's entire journey, its lineage, across endpoints, SaaS, and the cloud, then apply protection in real time. That's the mindset behind Cyberhaven's unified DSPM plus DLP platform. Visit this link to see how this works in a live session and on-demand product launch event. The new data breach doesn't look like a breach. When people imagine an AI incident, they picture something cinematic, a rogue agent wiring the entire customer database into a model in one shot. That's almost never how it happens. In the environments we see, I related data loss looks more like this. A product manager pasts a few rows of roadmap data into a model for help writing a launch brief. A developer copies a code snippet with a proprietary

Starting point is 00:01:19 algorithm into Chad GPT to debug a race condition. A finance analyst exports a slice of a board deck into a CSV to feed an internal LLM. Each action in isolation seems harmless. Just a few lines, just a screenshot, just this one table. But over weeks and months, those fragments accumulate across different tools, identities, and locations. From an attacker's point of view, you don't need the entire truth in one place. Enough fragments, stitched together, are often just as valuable as the original. YAI data loss is almost invisible to traditional tools. Most organizations are still protecting data with a mental model that assumes. Data lives in well-defined systems, databases, file shares, document repositories. Exfiltration is a discrete event, a big upload, a large export,

Starting point is 00:02:09 a massive email. AI breaks both assumptions. One, data is now fragmented BY default. We no longer share a file. We share pieces of it. That was already true with SAAAS. AI multiplies it. A confidential slide becomes two paragraphs in an email, three bullets in a Jira ticket, and a paragraph pasted into an AI prompt. A source code file becomes a function pasted into a chat, a generated patch and Git, and a screenshot in a Slack thread. By the time you notice something is wrong, the data has been chopped, transformed, translated, and blended into other content across dozens of systems. Our analysis of customer environments shows data moving continuously between the cloud and endpoints in ways that are impossible to understand if you only look at a single system or moment.

Starting point is 00:02:57 2. Controls are still siloed BY location the security stack mirrors this fragmentation. DLP on endpoints and gateways focuses on data in motion. DSPM focuses on data at rest in SaaS and cloud. New AI security tools focus solely on prompts and responses within specific models. Each one knows its domain well, but little about what happened before or after the event it observes. So you end up with a DSPM alert that says, this bucket contains sensitive data, but not how it got there or who moved it. A DLP alert that says, someone pasted confidential

Starting point is 00:03:34 text into a browser, but not where the text originated or where it went next. An AI usage report that says, these apps are talking to LLMs, but doesn't specify the underlying data they're exposing. Individually, these are partial truths. Together, without context, they become a noise. What we learned by betting the company on data lineage, long before data lineage became a slide on every security vendor's pitch deck, we built a company around it. Cyberhaven's founding team came out of EPFL and the DARPA Cyber Grand Challenge, where we built technology to track how data flowed through systems at the instruction level, not just the file level. That research evolved into a security platform that could reconstruct the entire history of a sensitive object,

Starting point is 00:04:17 where it was born, how it changed, who touched it, and where it tried to leave the organization. We sometimes joke internally that we were, the original data lineage company. We were shipping lineage-based detection and response years before it was fashionable marketing language. At the time, this approach solved problems like finding insider threats hidden in millions of normal file operations, understanding complex IP leaks where content had been copied, compressed, encrypted, renamed, and moved across multiple systems. We thought lineage was powerful then. In the AI era, it's non-negotiable. It is like trying to enable full self-driving without having driven round and round San Francisco, gathering the telemetry data. AI made lineage mandatory, not optional.

Starting point is 00:05:03 AI has accelerated two trends that were already underway. One, data never sits still. It continuously moves between endpoints, SaaS and the cloud. Two, security is moving from point products to platforms. Customers are tired of stitching together DSPM, DLP, insider risk, and a separate AI tool. If you care about AI-driven data exfiltration, you can't afford to look only at static storage, DSPM alone, or network egress, DLP alone, or AI prompts, AI tooling alone. You need to understand how knowledge moves, how an idea in a design file becomes a bullet in a product document, a paragraph in a slack thread and a prompt tone external model. That's the whole reason we built Cyberhaven as a unified eye and data security platform

Starting point is 00:05:51 that combines DSPM and DLP on top of a single data lineage foundation. It lets security teams see both where data lives, inventory, posture, misconfigurations, and how data moves, copy, paste, exports, uploads, AI prompts, emails, Git pushes, and more. Once you have that complete picture, AI exfiltration stops being mysterious. It looks like any other sequence of events, just faster and more repetitive. Principles for actually stopping AI-driven data exfiltration. If I were starting a Greenfield Security program today, with AI in scope from day zero, here are the principles I'd insist on. 1. Unify Data at Rest and Data in motion. You can't secure what you only see. You can't secure what you

Starting point is 00:06:37 only see part of. Data is sitting in the cloud and SaaS. DLP tells you how data is moving, especially at endpoints and egress points. Together, with lineage, you get the full story. This model training dataset in object storage came from an export from this SaaS app, which originated in this internal HR system, and was enriched by this prompt flow to an external LLM. That's the level of context you need to decide whether to block, quarantine, or alo, especially when AI is involved. treat identity, behavior, and content as a single signal whenever I review a serious incident, there are three questions I want answered. One, what exactly was the data? Regulated data,

Starting point is 00:07:18 IP, source code, M&A docs? Two, who was the human or service account behind the action? Role, history, typical behavior. Three, how did this sequence of events differ from, normal, for that identity and that data? Legacy tools usually answer only one of those in isolation. content scanners know what, but not who. Identity systems know who, but not what they did with data. UEBA systems know anomalies, but not data sensitivity. Lineage-driven systems can correlate all three in real time, which is the only way to reliably find the handful of truly risky actions in the noise of millions of normal events. Three, assume policies won't keep UP writing perfect AI policies as a losing game. People will always find new tools, plug-ins,

Starting point is 00:08:06 side channels, and workflows. If your protection depends on static rules that anticipate every vector, you'll always be behind. What works better in practice is, broad, simple guardrails, don't move data with these characteristics to destinations in these classes, combined with an AI-assisted detection layer that uses lineage and semantic understanding to surface suspicious patterns you didn't explicitly write a rule for. We're already seeing this with autonomous analysts that investigate lineage graphs and user behavior to propose or enforce controls without requiring ahuman to anticipate every scenario. 4. Close the loop from Insight TO action seeing the problem isn't enough.

Starting point is 00:08:46 Seeing the problem isn't enough. One of the biggest complaints we hear about standalone DSPM tools is that they generate lots of insight, but no direct enforcement. Teams are left opening tickets and chasing owners by hand. Prioritize where to scan and investigate based on live DLP telemetry, follow where sensitive data is actually moving. Offer one-click remediation paths, revoke access, Titan sharing, quarantine misconfigured stores, or block risky exfiltration attempts in real time. Feed every enforcement decision back into the lineage and detection models so the system gets smarter over time. Without that tight loop, AI-driven leakage becomes another line item on an

Starting point is 00:09:26 overcrowded risk register. Why this matters now, not someday. There's a reason AI has suddenly made data security a board level topic again. Employees are using AI tools faster than governance can keep up. New regulations and customer expectations are raising the stakes for data misuse. Attackers are experimenting with AI-assisted reconnaissance and exfiltration. At the same time, security teams are consolidating tools. They don't want separate products for DLP, DSPM, insider risk, and AI security. They want one platform that can see and control data everywhere, at rest, in motion and in use, with lineage as the connective tissue. That's the platform we've been building at Cyberhaven, starting with our early work on data lineage and evolving into a unified eye and

Starting point is 00:10:13 data security platform that combines DLP, DSPM, insider risk, and AI security in a single system. Want to see what this looks like in the real world? On February 3rd at 11 a.m. Pacific time, we're hosting a live session where we'll show the first public demo of our unified eye and data a security platform and how it tracks data fragments across endpoints, SaaS, cloud, and AI tools in real time. Walk through how security teams get X-ray vision into data usage, so they can isolate the risky handful of actions hidden in millions of normal events, and stop them before they turn into incidents. Share candid stories from security leaders on where Legacy DLP and standalone DSPM have failed them in the AI era, and how a lineage first approach changes the game. Talk about where

Starting point is 00:11:00 we think DLP, insider risk, AI security, and DSPM are headed next, and why we believe the future belongs to platforms that were built on data lineage from day one, not retrofitted after the fact. If you're wrestling with AI adoption, shadow AI tools, are just a growing sense that your current stack is seeing only the surface of what's happening to your data, I'd love for you to join us and ask hard questions. Watch Live AI is already exfiltrating your data in fragments. The real question is whether you can see the story those fragments are telling, and whether you can act in time to change the ending. This story was published under Hackernoon's business blogging program. Thank you for listening

Starting point is 00:11:39 to this Hackernoon story, read by artificial intelligence. Visit hackernoon.com to read, write, learn and publish.

The Good Tech Companies - The Silent AI Breach: How Data Escapes in Fragments

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.