Trellix Enhances Data Security for Generative AI

As businesses rapidly integrate generative AI into their operations, a significant security gap has emerged. The swift adoption of these tools has outpaced traditional security measures, creating new and often unseen vulnerabilities for sensitive information. Trellix has responded to this critical challenge by introducing an enhanced suite of data security capabilities and a strategic framework. This initiative is designed to empower organizations to adopt AI confidently while implementing robust guardrails to protect data from exposure and loss.

The urgency for such solutions is clear. Last year, 88% of businesses deployed AI in at least one function, a trend that has accelerated the rise of shadow AI and complicated data governance. This shift is already having a tangible financial impact, contributing to an average increase of $670,000 in the cost of data breaches. Even approved AI applications introduce substantial risk when clear policies governing data access and sharing are absent.

Alex Au Yeung, Chief Product Officer at Trellix, highlighted the core issue. The rapid enterprise adoption of AI tools is generating novel, invisible data risks. Trellix addresses this by unifying policy, visibility, and enforcement within a single framework. This allows customers to maintain control over how their data is utilized across both sanctioned and unsanctioned AI platforms.

To operationalize this control, Trellix promotes a three-part framework centered on policy, training, and technology. This methodology begins by establishing clear usage policies, reinforces them through ongoing training and governance, and provides real-time visibility and control over AI interactions with sensitive data. The approach is bolstered by significant enhancements across key product areas.

Trellix Data Loss Prevention now features an AI data risk dashboard. This tool monitors and prevents sensitive data loss to AI tools, offering real-time visibility into all AI usage. It identifies high-risk activity across endpoints and networks and enables a centralized response to incidents.

For database protection, Trellix Database Security includes an analytics hub. It guards against unauthorized access and potential compromise, with patching support that requires no downtime. The system monitors activity and vulnerabilities to score database risk, helping teams quickly pinpoint and secure high-risk databases to prevent data loss.

Trellix Data Encryption restricts access to sensitive information across devices, files, and removable media. This ensures AI tools cannot read protected data, while guaranteeing that only authorized personnel have access.

Complementing these technological solutions, Trellix Professional Services help organizations build and operationalize a holistic program. This service mitigates AI-related data loss risk across the domains of policy, technology, and governance. It includes policy assessments to define acceptable use for AI applications, reducing the dangers of shadow AI and ensuring alignment with both regulatory and business mandates. Technical implementation and tuning optimize configurations to detect and prevent AI-driven data leakage, while training and enablement initiatives foster an AI-aware culture through targeted guidance and real-time alerts.

The evolving regulatory landscape makes compliance a moving target, especially as AI use expands. As Kristin Lowery, Field CISO at Optiv, notes, having the right controls and visibility is now essential. It ensures compliant data-handling practices and prevents potential leaks. The combination of associate training, defined processes, and technical controls is critical for the responsible integration of new AI tools.

By integrating its data security innovations with professional services and a clear framework, Trellix provides a path for organizations to leverage AI as a powerful productivity driver. The goal is to unlock innovation while maintaining stringent control over sensitive data and systematically minimizing organizational risk.