Post by Neena Goel

VP Enterprise IT & AI Governance | Data Privacy Officer | NLP Chatbot, RPA | AI in HRTech | Program Management | IIM Indore EMBA

Lets talk on the three generations of enterprise data security 1st G : Perimeter Security. Data lived inside your network. Firewalls, VPNs, and intrusion detection kept adversaries out. The threat model assumed a hard boundary between inside and outside, and it worked reasonably well until mobile devices, cloud services, and remote work eroded the perimeter itself. 2nd G : Zero Trust. The core idea is that no request should be trusted by default every request has to be authenticated, authorized, and evaluated against context, regardless of whether it came from inside the network or outside. Zero trust shifted the control from “where the packet comes from” to “who’s making the request and are they allowed to make it right now.” 3rd G : Data-centric Security applied to AI. It’s zero trust extended one layer deeper: not just “who’s making the request” but “what data does that request cause to flow, and where does it flow to.” Because in a GenAI system, a single user prompt can cause data to flow into a retrieval index, into a language model, into a tool call to a third-party API, and back into an output all in the space of one request-response cycle. Join the session for more insights

Post content