Varonis: AI's Impact on Data Security and Cyber Risk

Name: Varonis: AI's Impact on Data Security and Cyber Risk
Uploaded: 2026-06-25T20:31:09-04:00
Duration: 2 min 35 s
Description: AI is transforming how organizations work and how attackers operate, but it’s also introducing entirely new data security risks. In this montage, Varonis leaders break down how generative AI, agents, and copilots are changing the cybersecurity landscap...

Varonis

06/25/2026

0 (0%)

Report Like Favorite

Transcript

Since JAD-GPT got released, I mean, everybody rushed to AI. The potential gains from AI are outweighing the potential security risks, and it's like people have blinders on. AI has changed the way enterprises are thinking about data security. People are realizing that data security is what is foundational to using AI safely. They are giving confidential data to different LLM like Gemini and JAD-GPT. All the private data that you're giving to these AI is a kind of a goldmine. Organizations underestimate their AI risk when it comes to data. They often have no idea what these agents and tools like Copilot and JAD-GPT actually have access to. Most organizations don't necessarily know and understand the access parameters for every data source that AI is accessing, and so they don't really have true visibility into who has access to what. But when you've got agents acting on users' behalf or on their own accessing all these data sets all the time, it becomes another thing. If permissions are kind of left open, every user is going to have access to basically whatever they prompt for, and I think it's pretty dangerous. There's lots of ways that bad actors can use AI to help write the code that would create the malware. We have started seeing attacks where bad guys understand AI good enough that they can create attacks. They've developed entire pipelines using agentic AI. The regulations themselves are going to change drastically. More and more organizations are going to find themselves succumbing to, oh, I thought we were good. I didn't necessarily think that our particular AI system fell into this category, and then come to find out they actually do fall in within maybe the EU AI Act for high-risk systems. They don't know what they don't know, and it's introducing a lot of risk that they don't know how to measure, they don't know how to control for. AI is really good at collecting and analyzing data. Organizations can use AI to fight malicious AI. The attackers are adopting AI tools. This arms race will never end. Organizations need to rapidly adopt AI tools and automation to keep up with the attackers that are doing the same. The only way to measure and reduce risk and to minimize the time to detection and time to response for a threat is to use automated, smart systems to do it. That's where the value is for security teams right now.

TL;DR

Organizations are rushing to adopt AI tools like ChatGPT and Copilot without fully understanding the data security risks, often lacking visibility into what sensitive data these agents can access.
AI introduces new attack vectors as bad actors leverage AI to create sophisticated malware and exploit over-permissioned systems that grant AI agents broad access to confidential data.
An AI arms race is emerging between attackers and defenders, requiring security teams to rapidly adopt automated AI-powered tools to detect threats and respond at machine speed to stay ahead of malicious AI.

Summary

This montage from Varonis leaders examines how artificial intelligence is fundamentally reshaping cybersecurity and data protection. The discussion centers on the dual nature of AI adoption — while organizations rush to implement generative AI tools like ChatGPT and Copilot for productivity gains, they often underestimate the data security risks these technologies introduce. Varonis experts highlight critical blind spots including unknown data access patterns, over-permissioned systems, and the lack of visibility into what AI agents can actually access. The video addresses the growing threat of AI-powered malware, the evolving regulatory landscape including the EU AI Act, and the emerging arms race between malicious AI and defensive AI capabilities. The core message emphasizes that data security must be the foundation of safe AI adoption, and that organizations need automated, intelligent systems to measure risk, maintain visibility, and respond to threats at the speed AI demands. The experts stress that without proper controls and understanding of access parameters across data sources, AI tools become a potential goldmine for attackers accessing confidential information.

Chapters

0:00 - The AI Adoption Rush
0:27 - Data Security as AI Foundation
1:24 - AI-Powered Threats Emerge
2:05 - Fighting AI with AI

Key Quotes

0:14 "The potential gains from AI are outweighing the potential security risks, and it's like people have blinders on."
0:27 "People are realizing that data security is what is foundational to using AI safely."
1:15 "If permissions are kind of left open, every user is going to have access to basically whatever they prompt for, and I think it's pretty dangerous."

FAQ

Why do organizations underestimate AI security risks?

Organizations often have blinders on because the potential productivity gains from AI outweigh perceived security risks in their minds. They frequently don't understand what AI agents and tools like Copilot actually have access to, and lack visibility into access parameters across their data sources, creating unknown risk they can't measure or control.

How can organizations defend against AI-powered attacks?

Organizations need to fight AI with AI by rapidly adopting automated, intelligent security systems that can analyze data, detect threats, and respond at machine speed. The only way to minimize time to detection and response is through smart, automated systems, as manual approaches cannot keep pace with the evolving AI threat landscape.

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

06/30/2026

01:00 PM

06/30/2026

Mastering Active Directory Certificate Services for Long-Term Success

https://www.truthinit.com/index.php/channel/2018/mastering-active-directory-certificate-services-for-long-term-success/
07/01/2026

04:00 AM

07/01/2026

Integrating Security in AI: Automated Red Teaming Strategies for Private Models

https://www.truthinit.com/index.php/channel/1969/integrating-security-in-ai-automated-red-teaming-strategies-for-private-models/
07/01/2026

04:00 AM

07/01/2026

Schutz von KI in Anwendungen, Agenten und APIs.

https://www.truthinit.com/index.php/channel/2008/schutz-von-ki-in-anwendungen-agenten-und-apis/
07/01/2026

01:00 PM

07/01/2026

Preventing Your AI from Turning Against You: Essential Strategies

https://www.truthinit.com/index.php/channel/2021/preventing-your-ai-from-turning-against-you-essential-strategies/
07/02/2026

10:00 AM

07/02/2026

Resilience Insights from Hybrid Threats Amidst Cloud Challenges

https://www.truthinit.com/index.php/channel/2011/resilience-insights-from-hybrid-threats-amidst-cloud-challenges/
07/09/2026

01:00 PM

07/09/2026

The HUMAN Experience: Manifesting Agentic Trust in Real Life

https://www.truthinit.com/index.php/channel/2026/the-human-experience-manifesting-agentic-trust-in-real-life/
07/14/2026

01:00 PM

07/14/2026

Crafting a Championship-Quality Security Team for Unmatched Defense

https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-quality-security-team-for-unmatched-defense/
07/21/2026

04:00 AM

07/21/2026

Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
07/21/2026

01:00 PM

07/21/2026

HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
07/22/2026

06:30 AM

07/22/2026

Insights and Strategies from the DPDP Webinar

https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-from-the-dpdp-webinar/
07/28/2026

01:00 PM

07/28/2026

Illumio + Netskope: Zero Trust in the Age of AI Autonomy

https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
07/29/2026

04:00 AM

07/29/2026

Real-Time Strategies for Safeguarding Against Prompt Injections

https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
08/19/2026

12:00 PM

08/19/2026

Witness Cyera Agent Security in Action: A Firsthand Experience

https://www.truthinit.com/index.php/channel/2036/witness-cyera-agent-security-in-action-a-firsthand-experience/
09/30/2026

04:00 AM

09/30/2026

AI Command Center: Optimizing Visibility and Control in Your Operations

https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/