The future of security lies in prevention, not reaction

By Keir Garrett (pictured), Regional Vice President of Cloudera Australia and New Zealand

In Australia’s rapidly evolving landscape, Artificial Intelligence (AI) remains a double-edged sword: while it transforms businesses by automating tasks and fuelling innovation, concerns over data management and security continue to grow. According to a global report by McKinsey, AI cybersecurity risks are among the top concerns for employees and leaders. With data increasingly flowing across complex AI ecosystems, World Backup Day and World Cloud Security Day serve as timely reminders for businesses to review how they secure and govern their data.

AI’s Data Protection Challenge: More Data, More Risk

AI thrives on data, making it a powerful tool for businesses seeking deeper insights and efficiencies. However, as Australian organisations increasingly integrate AI into operations, we are starting to see them feed sensitive data into these models without full visibility into how it’s stored, processed, or shared. This creates significant security, compliance, and reputational risks.

Recent Gartner research has identified how this artificial intelligence adoption continues to increase security spend, with Australian organisations projected to invest nearly AU $6.2 billion on information security and risk management in 2025.

To address these challenges, Australia’s evolving AI and privacy regulations look to emphasise responsible and transparent AI deployment. However, as businesses work to align with this changing regulatory landscape, AI adoption continues to expand across various teams, increasing the complexity of data movement and oversight.

Without proper governance, sensitive information—such as customer data or proprietary business insights—embedded in AI models and reports can be unintentionally exposed, misused, or accessed by unauthorised users. Additionally, as multiple teams feed new data back into AI systems, the risk of errors, biases, and outdated information distorting AI-generated outputs grows, ultimately compromising their reliability.

From Reactive Security to Proactive Governance

As always, trusted AI begins with trusted data. Businesses can ensure responsible data management by adopting a secure-by-design approach to data platforms, accelerating enterprise AI while prioritising privacy from the outset. Instead of treating security as an afterthought, companies should embed privacy measures into their IT and business processes from day one. Ultimately, safeguarding data throughout its lifecycle is key to protecting both business interests and individual rights, ensuring faster incident response times when issues arise.

One of our key partners, Amazon Web Services, agrees. Corrie Briscoe, Head of Partner Sales, Asia Pacific and Japan, added, “In today’s rapidly evolving digital landscape, security isn’t just about protection – it’s about enabling innovation with confidence. As businesses in the region rapidly implement AI across their organisation, they must have security and confidentiality built in across each layer of the generative AI stack. They need to be able to secure the infrastructure to train AI models, build securely with tools to run AI models, and run applications that use foundational models with built-in security and privacy that they can trust. From day one, our AI infrastructure and services have had built-in security and privacy features that give customers control over their data, so that they can move fast while staying secure.”

To maintain security at scale, governance must also be automated. Security controls should be baked into AI workflows, ensuring that data security and compliance policies follow data wherever it moves—whether on-prem, in the cloud, or within third-party AI ecosystems. Security policies cannot remain static; they must evolve dynamically with AI-driven data flows. Organisations need fine-grained access controls so that even as they push the envelope on innovation, data is accessible only to the right people at the right time, adapting in real time based on usage patterns.

The way I see it, businesses have two choices: rely on outdated security approaches and react to threats as they arise or take control by implementing strong AI data governance from the start. The future of AI security lies in prevention, not reaction. Companies that establish proactive safeguards today may find themselves the leaders of tomorrow.