
The Hidden GenAI Risk That Could Cost Your Company Millions (And How to Fix It Today)

Jesse Grindeland - Vice President, Global Channels and Alliances

December 18, 2025 | 2 Minute Read

I spoke with a CISO recently who discovered something alarming:

His developers had been copying production customer data — including PII — into tools like ChatGPT and Copilot for months.

No visibility. 

No controls.

His first question: “Are we already non-compliant?”

The answer, increasingly, is “potentially yes.”

Regulations are evolving fast to address the explosion of generative AI:

  • The EU AI Act, with major provisions now in force and full enforcement ramping up in 2026, imposes strict obligations around high-risk data handling in AI systems — with fines that can reach tens of millions for serious breaches.
  • In the US, states like Colorado, California, and Illinois are strengthening privacy and AI-specific rules, making uncontrolled data flows into public GenAI models a reportable — and punishable — issue.

The core problem? Most organizations have no idea where their sensitive data is going inside GenAI tools today.

You can’t answer the three questions every regulator will soon ask:

  1. Who is using which GenAI apps?
  2. What sensitive data is being uploaded?
  3. Are appropriate safeguards in place?

Across our customer base at Skyhigh Security, we see over 1.2 billion GenAI transactions per month.

The troubling truth: 5–7% regularly involve clear PII, PHI, source code, or proprietary financial data.

This isn’t a future risk — it’s happening right now.

The good news: You can solve it without killing innovation.

With Skyhigh’s unified DSPM + DLP platform, you get:

  • Complete visibility into Shadow Data and GenAI usage across your entire estate, on-prem and in the cloud.
  • Precise, contextual policies that block risky uploads, coach users in real time, or safely redact sensitive content — all from one console.
  • No rip-and-replace — deploy quickly and enforce the same policy from S3 buckets to Slack to Copilot.

Customers who implement this are sleeping better at night, knowing they’re not one careless prompt away from a major incident.

This is the biggest data protection shift since GDPR — but unlike GDPR, you can get ahead of it easily.

Want to see exactly what GenAI risk looks like in your environment?

Reply or message me “GenAI Risk” and I’ll arrange a no-obligation 30-minute assessment. We’ll run the scan and show you real examples of what’s leaking today.

Your innovation shouldn’t come at the cost of compliance.

Let’s make sure your data stays safe — while your teams keep moving fast.

About the Author

Jesse Grindeland

Vice President, Global Channels and Alliances

Jesse Grindeland has led a career that could only be described as diverse and spends his days putting all these experiences to work. Jesse has an entrepreneurial spirit backed by 20 years of building and leading businesses across technology, software, SaaS, services industries and global geographies for both high-growth private and multibillion-dollar publicly traded corporations. Jesse has proven expertise in driving business, technology, and customer transformations on a global scale, leading high revenue growth, successful innovation, and high-performing global sales, channel, marketing, and engineering teams.
