72 VIEWPOINT Organisations must prioritise the discovery, classification and protection of data before deploying AI solutions ANTHONIE DE BOS: KYNDRYL Data first, then AI Enterprises are racing to harness the transformative power of AI. At the same time, however, a hidden risk is silently intensifying: the complexity of safeguarding data at scale amidst exponential growth. The vast amount of data generated from multiple channels and used to train AI models enables enterprises to uncover competitive insights that enhance market reach and boost operational efficiency. However, AI has also produced a dramatically widened cyberattack surface. Along with stringent data privacy and AI regulations, the responsible handling of data has become even more paramount. The Kyndryl Readiness Report 2024 found that only 29 per cent of leaders believe their AI implementation is ready to manage future risks. Data security and privacy concerns ranked first among the top five barriers to AI adoption, followed by regulatory and compliance challenges in third place. Data security is the essential starting point for any AI strategy. Before deploying models or scaling innovation, organisations must prioritise the discovery, classification and protection of data wherever it resides. This foundational step ensures AI adoption is built on a compliant and resilient data infrastructure. Kyndryl provides solutions for discovering, classifying and protecting data across environments. Data security tools in this domain map sensitive assets, track access and flag misconfigurations or abuse. By closing gaps early, organisations reduce breach probability and provide auditable proof of compliance. Responsible AI adoption also demands precision in securing and governing data. Our approach to data security provides the visibility and control organisations need to align security strategies and investments with the location and sensitivity of critical data assets. It supports compliance with regulations like the General Data Protection Regulation, the Digital Operational Resilience Act and the European Union AI Act, enables cyber resilience and prepares for emerging risks such as postquantum threats. In this context, data security is not just a technical requirement, it is also a strategic enabler for responsible growth and long-term trust. In Kyndryl’s experience, there are five key areas where data security supports enterprise security and enables AI initiatives. The first is in governance, risk and compliance. Data security allows organisations to continuously monitor data assets, classify sensitive data and map regulatory requirements to actual data usage, helping them to maintain audit readiness and reduce compliance risk. Secondly, data security measures in zero trust help to identify data access patterns, enforce least privilege principles and detect anomalous behaviour, ensuring access is always verified. The third key area is in security assurance, where data security provides visibility into data vulnerabilities, misconfigurations and policy violations across hybrid environments. This enables proactive remediation. Fourthly, data security supports post-quantum cryptography by helping to identify vulnerable cryptographic methods and assess risks associated with the data protected by them. The final area is third-party risk management. Data security extends visibility into vendor and supplier data risks, enabling better oversight. “Data security is the essential starting point for any AI strategy”
RkJQdWJsaXNoZXIy NzQ1NTk=