• AI didn’t create a data security problem—it exposed how outdated traditional DLP methods had become. 
• More organizations with limited resources are adopting cloud-managed DLP and DSPM, replacing disconnected point solutions with unified visibility and control. 
• The future of security is data-first: understanding sensitive information in context and building protection around how it moves, what it contains and how it’s used. 

You can’t explore cybersecurity lately without diving into a surge of conversations around AI governance, encrypted traffic, cloud-managed DLP, and data sovereignty. At first glance, these trends might look disconnected. Well, they’re not. In fact, the way security professionals are approaching all of these issues is linked to a fundamental shift in how we all protect data.

Dive deeply into these data security topics and you’ll see that, thanks to AI accelerating the speed, scale, and complexity of how data moves through an organization, relying solely on perimeter-based security is no longer an option. Those conversations reveal how traditional approaches to visibility and control are starting to show their age—and how the future of cybersecurity starts with understanding how best to protect data.

AI changed the game, not just the rules 

Generative AI tools are leading workers to use more unsanctioned apps for speed and convenience. This has been challenging for security teams, especially those trying to apply data loss prevention (DLP) solutions to environments that still incorporate data silos and fragmented policy frameworks. 

AI hasn’t just created new risks like Shadow AI. It’s exposed weaknesses that already existed. 

Traditional, network-based approaches bring plenty of data protection to a distributed, encrypted, AI-driven reality. But AI can complicate matters for organizations that until now haven’t considered cloud-based DLP. Encrypted traffic blind spots, complex on-prem infrastructure, and inconsistent policy enforcement (especially for remote devices) often leave many organizations struggling to maintain visibility and adequate security around their sensitive data flows. 

In response, many security teams have already adopted cloud-based DLP approaches that deliver protection directly to the endpoint. By bringing DLP agents to devices, organizations can inspect and govern data activity before it’s encrypted or sent, shedding light on every corner of their environments. The growing popularity of cloud-based DLP suggests data protection isn’t solely built around the network anymore. It’s built around the data. 

A call for simpler, sustainable data security  

As data continues to move across platforms, cloud environments, and identities, security teams realized DLP programs need to do way more than just detect data risk. 

Three challenges demanded change from organizations and vendors alike: limited resources, growing alert fatigue, and difficulty adapting policies to constantly changing environments. Organizations are embracing an approach that’s built around automation, streamlined management, and deeper integrations with today’s identity and cloud ecosystems. 

By taking a simpler, more efficient approach, security teams can keep sensitive information secure, even across distributed environments. On-premises and cloud-based DLP solutions that leverage automation are becoming the new baseline for faster reporting and incident remediation—not only easing friction in the SOC by reducing manual effort, but by giving system admins and API users complete control. With security teams back in control, organizations can scale confidently into the next phase of the AI era. 

A new security layer is taking shape 

With AI agent use expected to increase tenfold by 2027, data is moving a lot faster than most security teams can track. This is creating a surge of new data flows between agents, LLMs, APIs, and tools. Because agents operate at machine speed (unlike human users), there’s little to no human oversight as sensitive information moves back and from across systems. Every prompt, tool call, and agent-to-agent interaction can be a potential leakage point. 

Although traditional DLP models were built around users, endpoints, and networks, not autonomous AI systems making thousands of decisions and data exchanges per minute, even on-premises DLP is working to accommodate that new reality. So, instead of relying solely on application-level controls, security teams are exploring Agent Gateway-level inspection and Defense in Depth (DiD) approaches that can govern AI communications in real time without disrupting how agents operate or imposing additional network hops. 

This is more than merely changing AI governance. It signals the emergence of a whole new security layer for protecting data—one that major cloud providers like Google Cloud are already helping shape through infrastructure-level, centralized traffic inspection. 

The blueprint for data-centric security

You can’t protect what you don’t understand. And data itself (despite being critical) is often the hardest to understand. This challenge led to the rise of data security posture management (DSPM). Often referred to as “data-first” security, it removes barriers to understanding, helping organizations see their data estate as it truly exists: distributed, dynamic, and always evolving. 

As more organizations embrace data-centric security models, DSPM adoption keeps growing, especially when paired with DLP. In this proven power couple, DSPM provides added context (understanding the data, its sensitivity and exposure) while DLP delivers control (enforcing policies and protecting data where it lives). 

Giving organizations clear context into their data landscape, this combination makes it possible to adopt a data-centric security model with far less friction. This aligns with a much broader industry shift away from fragmented security stacks towards unified visibility and enterprise-grade protection across endpoints, email, web applications, network traffic, and data centers. 

Why cloud DLP needed a trust rethink  

In the last decade, many organizations have been trapped within a data sovereignty paradox. 

To comply with customer contracts, financial regulations, governance policies, and industry standards in highly regulated sectors, sensitive data must stay within defined boundaries and always under control. Yet cloud-based DLP solutions typically need sensitive content to leave the organization’s infrastructure for scanning, creating compliance, and trust gaps. This forced organizations to choose between security visibility and data sovereignty. That’s a choice no team should be forced to make. 

Thankfully, they don’t have to anymore. Distributed Detection Service (DDS), a cloud-native DLP scanning engine, deploys right into infrastructure—on-premises, private cloud, or within your cloud region. Built on a containerized architecture, DDS provides the flexibility traditional cloud-based DLP solutions lack with local processing and centralized management at the forefront. And with AI safety guardrails, real-time API security, and in-tenant compliance, your organization can finally meet industry standards and say goodbye to compliance issues—without any more risky tradeoffs. 

What’s next for data security

For years, security strategies focused on protecting the perimeter. But in today’s AI-driven environments, data is constantly moving across prompts, agents, APIs, copilots, and autonomous workflows. The perimeter we once knew is no longer at the center of security. Data is.  

As pioneers in DLP, we’ve seen firsthand how every major tech shift reshapes the way organizations think about protection. AI is putting that shift into overdrive.

That’s why Symantec DLP Cloud and Symantec DSPM are uniquely positioned to become a crucial layer within your modern security stack, replacing disconnected point solutions with unified visibility, context, and precise controls. After all, organizations don’t need more fragmented alerts. They need complete, unequivocal understanding of their data landscape. 

The ability to understand your data is rapidly becoming a defining advantage in cybersecurity, and not just for data security solutions. Endpoint and XDR solutions, too, are increasingly including data context to better improve threat detection and response. For instance, Symantec CBX, a unified XDR platform, delivers meaningful context across endpoints, network and data. Understanding data—where it exists, what it contains, and why it matters—it delivers the extensive visibility and cross-domain, native telemetry organizations need to secure their edge against today’s and tomorrow’s threats. 

Want to see where data security is heading next? 
Catch the fourth session of CBX Fest for a deeper conversation on the essentials within CBX that ensure your sensitive info stays where it belongs: Cut Data Noise Without Cutting Visibility.