From Uber in 2016 to Okta in 2023 to Sisense in 2024, it’s evident that there’s a pattern behind the tech industry’s most devastating breaches: Data sprawl. Let’s dive into how data sprawl played a part in last week’s Sisense breach, as well as how security teams can be proactive in defending against similar attacks.

We’re thrilled to announce that Nightfall was selected as the “Data Security Solution of the Year” in the 2024 Data Breakthrough Awards. With enterprises scrambling to stay on the cutting edge of innovation, it’s all too easy to lose sight of data stewardship. In addition to SaaS apps, email, and endpoints, now enterprises must also safeguard their generative AI (GenAI) applications, including both custom and third-party GenAI tools.

In the rapidly evolving AI landscape, the principle of least privilege is a crucial security and compliance consideration. Least privilege dictates that any entity—user or system—should have only the minimum level of access permissions necessary to perform its intended functions. This principle is especially vital when it comes to AI models, as it applies to both the training and inference phases.

As the adoption of AI models, particularly large language models (LLMs), continues to accelerate, enterprises are growing increasingly concerned about implementing proper security measures to protect these systems. Integrating LLMs into internet-connected applications exposes new attack surfaces that malicious actors could potentially exploit.

Nightfall has been named a Leader in Data Loss Prevention (DLP), Sensitive Data Discovery, and Data Security in G2’s Spring ‘24 reports. We’d like to extend a huge thank you to all of Nightfall’s customers and supporters for making this possible. We’re also happy to acknowledge the Nightfall team’s tireless innovation, all in pursuit of helping customers to secure their sensitive data across SaaS apps, GenAI tools, email, and endpoints.

ICYMI, Nightfall recently launched a suite of enterprise DLP offerings including Data Exfiltration Prevention, Data Encryption, Sensitive Data Protection for SaaS and Email, and SaaS Security Posture Management (SSPM). To celebrate our new offerings, as well as our sixth birthday, we took a moment to gather insights from investors including Ryan Nece, Enrique Salem, Maynard Webb, Frederic Kerrest, and Kelvin Beachum Jr.

Back in 2018, Rohan and I founded Nightfall on the belief that AI could make data leak prevention (DLP) better, faster, and more accessible to every enterprise. At the time, Rohan was a founding engineer at Uber Eats, and I was an investor at Venrock specializing in SaaS and security. From these respective vantage points, we could see that legacy solutions weren’t working, and could never keep up with the evolving threat landscape.

In order to prevent worst-case data leak and data loss scenarios, security teams need to have both proactive and reactive measures in place. Let’s explore this further with an example. Imagine your sensitive data as valuables within a house. There are multiple ways to secure that house, including the following. To put this example into practice, security teams would need to: The first and last of these bullet points fall under the umbrella of SaaS Security Posture Management, or SSPM.

As the adoption of generative AI (GenAI) accelerates across enterprises, one of the most promising applications emerges in customer support. GenAI enables automated responses, allowing businesses to engage in natural conversations with customers and provide real-time chat support. However, this convenience comes with inherent risks, particularly concerning data privacy.

The modern enterprise relies on hundreds of SaaS apps, email services, generative AI (GenAI) tools, custom apps, and LLMs, which often contain sensitive data. For too long, security teams have been forced to patch together point solutions for coverage across these channels, increasing their workloads and creating opportunities for sensitive data to slip through the cracks. This is precisely where Nightfall’s single-pane-of-glass solution comes into play: With Nightfall Sensitive Data Protection.