data security

API gateways are crucial for managing enterprise data security and governance with AI. They act as a central control point for authentication, logging, and access control, enabling organizations to track AI tool data requests and permissions. However, gateways are network-layer defenses, like firewalls, and cannot inherently prevent software-layer vulnerabilities from LLMs or code. A holistic security strategy encompassing application and AI model integrity is essential beyond perimeter defenses to mitigate risks.

China’s blocking of Meta’s acquisition of AI startup Manus signals a tougher stance on controlling sensitive technology, data, and talent, even for overseas-incorporated firms. This move emphasizes China’s focus on technological sovereignty amidst U.S.-China competition. The decision highlights concerns over offshore transfers of strategic AI assets and talent, potentially leading to a division in the global AI ecosystem.

Oracle has invested approximately $2 billion in TikTok’s U.S. joint venture, holding a 15% stake. This investment stems from a 2024 national security law mandating ByteDance divest TikTok’s U.S. operations. Oracle also houses TikTok’s U.S. user data and serves as its security provider, monitoring operations. Despite operational glitches attributed to Oracle data centers, the partnership signifies Oracle’s dual role as investor and critical operational partner in navigating regulatory and geopolitical landscapes.

Meta’s acquisition of AI startup Manus is a case study in cross-border compliance. China is scrutinizing the deal, focusing on export controls and technology transfer rules, despite Manus’s relocation from Beijing to Singapore. This highlights that a vendor’s domicile doesn’t determine regulatory exposure; technology origin is key. Businesses must now conduct deeper due diligence on AI vendors, examining technology origin, transfer compliance, and operational continuity to navigate evolving geopolitical and regulatory landscapes.

AI is crucial in programmatic advertising, but using third-party AI raises data security concerns. A growing trend is embedded, or local, AI, where models operate within an organization’s infrastructure, keeping sensitive data secure. This approach offers control, transparency, and auditability. Local AI enhances data governance, enables auditable model behavior, and supports applications like bidstream enrichment, pricing optimization, and fraud detection, all while complying with regulations. This balances performance with data stewardship and transparency.

Organizations face increasing challenges in fulfilling record requests due to sensitive data contained within. Manual redaction is error-prone, costly, and struggles to meet compliance standards like GDPR and HIPAA. CaseGuard Studio offers an AI-powered solution for automated redaction across various file types (video, audio, documents, images). It automates personally identifiable information (PII) detection and redaction, operating on-premise for enhanced data security. Key considerations when selecting redaction software include file type support, automation, security, and pricing scalability. CaseGuard Studio delivers across these criteria.

Oracle, Silver Lake, and MGX are reportedly investing in TikTok’s U.S. operations, holding a combined 45% stake. ByteDance will retain 19.9%, with the remaining 35% distributed among existing and potentially new investors. This deal aims to address U.S. national security concerns that led to the divestiture mandate. The new TikTok USA will have a majority-American board, with Oracle overseeing security. The U.S. government will not take an equity stake. Existing ByteDance investors like Susquehanna and General Atlantic are expected to invest further.

Netskope reports near-universal (95%) generative AI adoption in retail, up sharply from 73% last year, driven by competitive pressures. While usage of company-approved AI tools rises (from 21% to 52%), security risks escalate, with source code (47%) and regulated data (39%) commonly exposed. Companies are banning risky apps like ZeroGPT, and increasingly using enterprise platforms like OpenAI via Azure and Amazon Bedrock (16% each). Concerns extend to API connections (63%) and broader cloud security vulnerabilities, including malware via OneDrive and GitHub. Strict data protection and visibility are crucial.

Netskope, a SASE cloud security leader, debuted on Nasdaq (NTSK) with shares surging over 18%, valuing the company at $8.6 billion. The IPO, priced at $19 after an upped range, raised over $908 million for expansion. CEO Sanjay Beri highlighted their mission to secure AI and cloud adoption, redefining data network security. Netskope focuses on interoperability within the cybersecurity ecosystem and strategic acquisitions. While not yet profitable, revenue for the first half of the year reached $328 million, and the company expects positive free cash flow this year, fueled by over $700 million in ARR.

Retrieve Medical Holdings, Inc. is launching Retrieve Personal, a platform providing secure, immediate access to comprehensive medical records for patients and providers. Integrating with Health Information Exchanges (HIEs) and leveraging AI, Retrieve Personal compiles complete patient histories into actionable summaries. ID.me provides secure identity verification. This initiative addresses fragmented patient information but faces challenges like HIE interoperability and data standardization. The aim is portable health summaries, enhancing personalized healthcare and improving efficiency.