Modern Data Security Strategies for AI

By Maryam Hussain , Digital Marketing Coordinator

August 6, 2025

3 minute read

What It Was About

This expert-led session examined a pressing issue for today’s enterprises: securing sensitive data in the era of AI innovation. As AI-powered tools like Microsoft Copilot reshape workflows, organizations face new risks tied to data access, compliance, and security controls. The discussion was tailored for CISOs, CPOs, and data leaders seeking to adapt their strategies to protect sensitive and mission-critical data from emerging threats.

Top 3 Takeaways

AI-Powered Risks Are Redefining the Data Security Landscape

AI is fundamentally data-driven, and many organizations struggle to adapt their data security strategies to address this evolving risk. Legacy security tools often create fragmented visibility, leaving gaps in AI-specific security needs. Enterprises must modernize their frameworks to monitor access, configurations, and the data itself to stay ahead of this challenge.

Operationalizing AI Data Security Requires Discovery First

Nimrod Vax emphasized the critical first step: identifying and discovering sensitive information. Without clear visibility into what data exists, organizations cannot build effective protections. AI applications, whether generative AI or agent-based tools, should be treated as “data products” with comprehensive labeling, classification, and access controls in place.

Collaboration Is Key in the AI Era

Kyle Kurdziolek outlined the need for organizations to align their privacy, security, and compliance teams under a single framework. He offered a four-step roadmap for designing an AI security playbook: seeing the data, understanding sensitivity and risk, acting with automated policies, and aligning internal teams. This approach not only mitigates risk but also promotes cross-functional collaboration to address AI-driven vulnerabilities.

Deep Dive: How Labels and Metadata Support AI Data Security

Labels and metadata are emerging as game-changers in managing AI-enabled environments. Nimrod Vax highlighted how enterprise-grade vector databases, such as MongoDB and Elastic, enable organizations to apply metadata and classify embeddings based on sensitivity levels (e.g., sensitive, public, internal). These tools enforce access controls at the database level or through the application itself, ensuring that sensitive information can be restricted from processing by AI tools like Microsoft Copilot.

For organizations deploying enterprise search technologies, the implications are profound. These tools make sensitive information excessively accessible, thereby increasing the risk of exposure. By adopting accurate data labeling and classification systems, organizations can prevent unauthorized access to sensitive data, ensuring compliance and minimizing legal risk.

Memorable Quotes

“We’re ultimately in a moment where the AI wave is crashing into every security conversation. And with that said, it’s creating as much confusion as it is introducing innovation.”

– Kyle Kurdziolek, VP of Security – BigID

“First and foremost, you can’t protect what you don’t know. Discovery is the foundation of every effective AI security strategy.”

– Nimrod Vax, CPO – BigID

“AI changes everything—especially your attack surface. Strategies need to evolve to meet this new risk landscape.”

– Kyle Kurdziolek, VP of Security – BigID

Poll Results & Insights

A live Q&A session revealed key areas of organizational concern:

43% of attendees cited “visibility into data use within AI tools” as their biggest challenge.
Top audience question: “How do we effectively label data to restrict AI systems like Copilot?”

Kyle Kurdziolek tackled this in-depth, explaining that modern data labeling tools, such as Microsoft Information Protection (MIP) labels, can be applied to source data, ensuring AI systems respect access restrictions. Nimrod Vax further clarified that tools like BigID automate these controls for discovery, labeling, and lineage tracking, simplifying ongoing AI management.