Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The 21st-century gold rush is the AI boom, and it is producing a wave of emerging AI companies. Being the first to build and apply AI in novel ways successfully is the difference between success and failure. Because of this, companies can find themselves making a trade-off between time-to-market and security.

Artificial intelligence has gone from buzzword to business tool almost overnight. Employees are rapidly adopting platforms like ChatGPT, Gemini, and Copilot to draft content, analyze data, brainstorm code, and accelerate productivity. But as AI becomes embedded in everyday workflows, a new category of insider threat is emerging—one that is harder to detect, harder to classify, and potentially more damaging than anything security teams have faced before.

Today's data sprawls across the cloud, on-prem, and endpoints. Data lives everywhere, but the biggest challenge isn't just knowing where data resides across the organization. Security teams must understand what the data represents, identify what’s at risk, and protect it in real time.

Today's data sprawls across the cloud, on-prem, and endpoints. Data lives everywhere, but the biggest challenge isn't just knowing where data resides across the organization. Security teams must understand what the data represents, identify what’s at risk, and protect it in real time.

Last Tuesday, October 21st, OpenAI released ChatGPT Atlas, an AI-powered browser that allows users to interact with ChatGPT directly from any browser tab. Throughout last week, the Cyberhaven Labs team tracked its adoption in corporate environments and actively investigated its security vulnerabilities.

Last month, we brought together some of the brightest minds in cybersecurity for our Data Defense Forum event. As someone who's been in the trenches of data security for years, I walked away from these conversations with a renewed sense of urgency and optimism about where we're headed.

CSPM tools thrived by making cloud posture issues easy to find, but posture alone didn’t stop breaches. The market evolved into CNAPP – uniting posture, runtime, identity, and shift‑left – to deliver protection, not just visibility. DSPM is on the same trajectory: discovery and classification at rest are necessary but insufficient, especially as AI fragments data into shareable snippets that evade label‑centric controls.

For most CISOs, data loss prevention (DLP) has long been a familiar acronym. It’s a category of security technology that has been around for more than a decade, often associated with compliance and the need to keep regulated data under control. Yet while the concept sounds straightforward—preventing sensitive data from leaving the organization—the reality is that modern DLP platforms are far more sophisticated than their early predecessors.

AI exploded into the workplace overnight, reshaping how we work. Today, nearly every employee is experimenting with tools to move faster and think bigger. However, that acceleration comes with risk. According to Cyberhaven Labs’ latest research, nearly three-quarters of AI apps in use pose high or critical risks, and only 16% of enterprise data sent to AI ends up in enterprise-ready apps. The rest flows to personal or unvetted tools.

Confronted with a rise in sensitive data breaches, businesses are under pressure to efficiently protect their information while overcoming myriad technical limitations. In a recent video, Jon Loya, VP of Sales Engineering at Cyberhaven, shared valuable insights on the challenges of data loss prevention (DLP) and introduced Cyberhaven's cutting-edge strategies for tracking sensitive data within organizations.