Why has data security lagged behind other cybersecurity disciplines?

According to Jason Clark, data security was historically unmanageable because organizations lacked the compute power to discover and classify data at scale. On-premises classification required racks of servers, making comprehensive data visibility practically impossible. The combination of cloud computing, APIs, and AI has only recently made this feasible.

What is the complete data security lifecycle that modern tools enable?

The lifecycle includes: discovering data everywhere, classifying its importance and sensitivity, understanding who has access and how much, assessing regulatory requirements, evaluating protection posture (encryption, environment security), tracking data flow and copies, implementing zero trust access controls, automating response actions, and destroying data that hasn't been touched for extended periods.

Why AI Is Finally Making Data Security Manageable

Name: Why AI Is Finally Making Data Security Manageable
Uploaded: 2026-03-25T08:38:33-04:00
Duration: 4 min
Description: TL;DR Data security has been cybersecurity's least mature discipline despite data being the primary target for attackers and the lifeblood of modern organizations. The combination of cloud computing power, API accessibility, and AI classification capa...

Cyera

03/25/2026

0 (0%)

Report Like Favorite

Transcript

concerns that are all valid, but when you get right down to it, ultimately what we're protecting here is data. Why have we struggled with this for so darn long? And I think though we're at a turning point thanks to AI because of this. Because of new tech and because of the importance of data and that rising driven by AI, but also a number of other factors, data is the lifeblood of every company now. If you're going to thrive, it's not just about the physical things you create, it has to be enabled through technology to be global and to reach the world. And so I think the security teams are realizing that it's information security. I know we say cybersecurity, but it really is information security. This whole info security versus cybersecurity is a hot debate. The majority of our job and majority of what the bad guys are trying to get is the data. And that is the least mature thing today in cybersecurity. I think we are at a turning point right now with data security in that for so long we felt it was so unmanageable, but now it can actually be managed. AI and cloud and the power of what you can do with the two. You don't have to have all the compute that you need to discover and really the compute to classify. To do that on-prem, we take a lot of racks of servers. And so because of cloud, you have the power of being able to connect whether it's on-prem or everything in the cloud. Data has become more accessible because of APIs. And then you add just the capabilities of AI to classify information. Those three things together is making this an impossible problem, very possible to solve now. And not just difficult, it's making it a lot easier. You have a hundred page document. What is this hundred page document? What is this database of numbers? You could just ask and it will give you that kind of information. You could say, classify it for me too. It's game-changing. And that wasn't possible two, three years ago, like not even a chance. So this has unlocked this insane, again, impossible thing for data, know thyself and know thy enemy. We've never really known ourselves and the asset we're trying to protect. And this is the first time we can. And so you start with discover, you classify. Now we know how important it is. We can complete the risk equation. Walk me through that domino effect. What are we now able to do? You're now able to find the data everywhere, understand how important that data is, which has been the missing link, the value of the data. Then who has access to it? How much access? What regulatory aspects matter? And then how is it protected? Is that file encrypted or not? What's the posture of that environment? Where else did that data sit? Now is that data flowing? Now I'm looking at the control factors of DLP. You start doing kind of the zero trust access analysis. And then after that, it is, should I respond? How do I respond? How do I automate that response? And then in the end, you also want to be destroying data. We're data hoarders. We hoard way too much data and we should also be destroying it if it hasn't been touched for X amount of years. Or we know that there's 28 copies of this in 28 different locations. And again, it hasn't been touched in two years. We should be destroying it. So it's that full data life cycle that we've never been able to do. Once you have that, then there's this confidence of being able to control your environment. You know, it's like all of a sudden you're able to connect all of your signals and all of your senses to one brain. It's like the brain, let's call it the data risk platform. There's this one thing of, I know where all my data is and how that risk state changes in real time. That's never existed before. You want to have that confidence in yourself? Well, why don't you check out what Sarah is doing? Go to their website. It's right there. Sarah.io.

TL;DR

Data security has been cybersecurity's least mature discipline despite data being the primary target for attackers and the lifeblood of modern organizations.
The combination of cloud computing power, API accessibility, and AI classification capabilities has made previously impossible data security problems solvable.
Organizations can now execute a complete data lifecycle: discover, classify, assess access and posture, implement controls, automate response, and destroy unnecessary copies.

Summary

In this CISO Series podcast segment, Cyera's Chief Strategy Officer Jason Clark discusses why data security has historically been the least mature area of cybersecurity despite being the primary target for attackers. Clark argues that the convergence of three technological factors—cloud computing power, API-driven data accessibility, and AI classification capabilities—has transformed data security from an impossible problem into a manageable one. He outlines the complete data security lifecycle that organizations can now execute: discovering data across all environments, classifying its importance and sensitivity, understanding access patterns and regulatory requirements, assessing protection posture, implementing zero trust access controls, automating response actions, and ultimately destroying unnecessary data copies. Clark emphasizes that this comprehensive visibility into data risk state in real-time represents a fundamental shift that enables organizations to finally achieve the 'know thyself' principle that has eluded security teams for decades.

Chapters

0:00 - The Data Security Gap
1:01 - Technology Convergence Enabling Change
2:25 - The Complete Data Lifecycle
3:24 - Real-Time Data Risk Platform

Key Quotes

0:46 "I know we say cybersecurity, but it really is information security."
1:41 "Those three things together is making this an impossible problem, very possible to solve now."
2:05 "So this has unlocked this insane, again, impossible thing for data, know thyself and know thy enemy. We've never really known ourselves and the asset we're trying to protect."

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

06/24/2026

11:00 AM

06/24/2026

Accelerating Through AI: A Dynamic Webinar Series

https://www.truthinit.com/index.php/channel/2012/accelerating-through-ai-a-dynamic-webinar-series/
06/25/2026

01:00 PM

06/25/2026

Generative AI Security: Preventing AI from Becoming a Data Breach Multiplier

https://www.truthinit.com/index.php/channel/1998/generative-ai-security-preventing-ai-from-becoming-a-data-breach-multiplier/
06/30/2026

01:00 PM

06/30/2026

Mastering Active Directory Certificate Services for Long-Term Success

https://www.truthinit.com/index.php/channel/2018/mastering-active-directory-certificate-services-for-long-term-success/
07/01/2026

04:00 AM

07/01/2026

Integrating Security in AI: Automated Red Teaming Strategies for Private Models

https://www.truthinit.com/index.php/channel/1969/integrating-security-in-ai-automated-red-teaming-strategies-for-private-models/
07/01/2026

04:00 AM

07/01/2026

Schutz von KI in Anwendungen, Agenten und APIs.

https://www.truthinit.com/index.php/channel/2008/schutz-von-ki-in-anwendungen-agenten-und-apis/
07/01/2026

01:00 PM

07/01/2026

Preventing Your AI from Turning Against You: Essential Strategies

https://www.truthinit.com/index.php/channel/2021/preventing-your-ai-from-turning-against-you-essential-strategies/
07/02/2026

10:00 AM

07/02/2026

When the cloud goes dark: Resilience lessons from hybrid threats

https://www.truthinit.com/index.php/channel/2011/resilience-insights-from-hybrid-threats-when-the-cloud-faces-challenges/
07/09/2026

01:00 PM

07/09/2026

The HUMAN Experience: Implementing AgenticTrust for Transformative Engagement

https://www.truthinit.com/index.php/channel/2026/the-human-experience-implementing-agentictrust-for-transformative-engagement/
07/14/2026

01:00 PM

07/14/2026

Crafting a Championship-Quality Security Team for Unmatched Defense

https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-quality-security-team-for-unmatched-defense/
07/15/2026

12:00 PM

07/15/2026

Discover How Cyera Is Transforming Agent Security Approaches

https://www.truthinit.com/index.php/channel/2036/discover-how-cyera-is-transforming-agent-security-approaches/
07/21/2026

04:00 AM

07/21/2026

Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
07/21/2026

01:00 PM

07/21/2026

HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
07/22/2026

06:30 AM

07/22/2026

Understanding the Dynamics of Data Privacy and Protection Regulations

https://www.truthinit.com/index.php/channel/2000/understanding-the-dynamics-of-data-privacy-and-protection-regulations/
07/28/2026

01:00 PM

07/28/2026

Illumio + Netskope: Zero Trust in the Age of AI Autonomy

https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
07/29/2026

04:00 AM

07/29/2026

Real-Time Strategies for Safeguarding Against Prompt Injections

https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
09/30/2026

04:00 AM

09/30/2026

AI Command Center: Optimizing Visibility and Control in Your Operations

https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/