Hero Panel Image

AI-powered DLP and GenAI risks cross swords

Share:
Christoph Schuhwerk

Christoph Schuhwerk

Contributor

Zscaler

Mar 29, 2024

Executives are pushing their teams to adopt GenAI tools in the name of innovation and productivity. But inappropriate use by insiders can easily expose sensitive data, with many high-profile examples in the media. 

An exciting new frontier for AI-driven security

ChatGPT, GitHub Copilot, and Jasper are just a few examples of an explosion of AI tools shaping the next frontier of productivity in many organizations. Executives are pushing their teams to adopt these tools in the name of innovation and productivity, but only some are taking the risks they can pose seriously. 

Inappropriate use by insiders can easily expose sensitive data, with many high-profile examples in the media. 

We now have the power to tailor the use of particular AI applications for your organization while ensuring you have complete data protection and full visibility into that usage. Real-time data loss prevention (DLP) at scale in massive enterprises is what AI/ML was born to do. 

Today’s DLP solutions secure data in three phases (at rest, in motion, and use) and have improved considerably in recent years. You can access tools that classify and categorize sensitive data throughout your infrastructure with relative ease, speed, and accuracy. Even so, detecting and stopping sensitive data leakage is getting more challenging. While you can automatically scan for text matching particular patterns, what happens if sensitive text isn't an exact match?

Imagine employees using generative AI to simplify basic tasks, like writing code for a project. They will probably describe what they need that code to do in general terms using AI prompts. These improvised descriptions may reveal more to the outside world than the company should, and their disclosure may go undetected by simple data-matching heuristics. For external AI tools, the risk of these conversations going public is even more significant as they occur beyond the reach of an organization's DLP solutions.

The same problem applies when information appears in audio or video formats or an encrypted data stream. Any sensitive data in these rich formats often isn't recognized. Humans can detect or infer information from the audio or visual aspects of media that are largely missed by DLP technology. 

Complicated problems demand sophisticated solutions

You can solve complex data protection problems with AI and zero trust security. Zscaler DLP delivers impressively sophisticated, cross-channel, context-aware pattern recognition that can reduce multiple forms of data loss. It provides data security protection more accurately and rapidly than competing solutions. When problems arise they are addressed quickly to minimize business impact.

Zscaler DLP applies to all users everywhere, no matter how unusual or complex the network topology may be. Covering everything that can access sensitive data reduces the chances of one major lapse. It also applies to all business data – including encrypted traffic. This expansive coverage means our DLP capabilities protect data across all endpoints, users, services, and external SaaS cloud services.

By automatically discovering, analyzing, and classifying different forms of sensitive data. They are trained in our expansive cybersecurity data repository and require minimal human oversight to configure or manage. They integrate seamlessly with our platform to deliver actionable intel across all business data, wherever it exists throughout the business infrastructure.

And when your employees leverage external generative AI to accomplish tasks, Zscaler DLP can help – even though the AI executes in another organization's infrastructure and the traffic is encrypted. You can record and retain all such queries and content, both outbound and inbound, while scanning them in real-time for policy violations. Your security analysts are alerted to any discovered violations.

Extending AI insights in all the ways you need the most

Using inline data analysis and recognition capabilities provides options for enhancing protection beyond traditional exact-match analysis. With extensive insight and intelligence via predefined dictionaries and customizable dictionaries (created by our customers) you can take it a step further. If the text of a particular file or query doesn't perfectly match the most typical or obvious phrasing, our dictionary-augmented AI may still recognize the basic idea involved. By comparing this idea against security policies, the AI can determine whether the data is sensitive and whether a security issue exists.

Additionally, we've made it easy for you to automatically generate configurable reports based on DLP analysis to inform and guide your security teams as they handle audits, launch new projects, and evaluate data status throughout the environment.

Finally, because organizations are increasingly working with video and audio formats, we're also working on extending Zscaler DLP to cover these areas.

AI is gaining new capabilities and being adopted for many tasks by a growing user base. Consider all the impressive AI videos based on a simple text prompt. Look out soon for DLP oversight to cover that kind of content as well – both inbound and outbound – thus minimizing data leakage risks from cutting-edge AI applications.

What to read next 

Getting data loss prevention right (Help Net Security)

Data privacy dilemmas highlight need for comprehensive DLP 

Zero trust element #6: Prevent data loss

Recommended