In Episode S7E7, Steven welcomes Glenn Day, CEO of NVISIONx, to discuss data risk intelligence and emerging threats in the age of AI and complex data environments. Glenn shares insights on data governance, the importance of proper data organization for AI adoption, and how NVISIONx helps organizations manage and purge data responsibly. The conversation underscores the significance of intelligent data classification in cybersecurity and the need for collaborative data governance across departments to achieve enhanced protection, compliance, and a competitive edge through AI models.
Summary
Data Risk Intelligence in the AI Age
Glen discusses how his military and public sector experience inspired him to launch NVISIONx. He explains that the company helps organizations manage and understand their data as assets throughout their lifecycle, classifying information beyond just sensitive data types to include business context and context-specific information.
Glen emphasizes the importance of democratizing data access across different business functions while maintaining proper controls. When asked about the impact of generative AI, Glen highlights the challenge of “garbage in, garbage out” and emphasizes the importance of organizations properly organizing and curating their data to effectively leverage AI models.
AI Model Security and Governance
Glen advises companies considering AI adoption to focus on data governance and model security. He emphasizes the importance of mature governance practices for optimal experiences with generative AI tools. Glen recommends regularly testing models with known datasets to ensure expected outcomes and avoid hallucinations. He suggests conducting these tests monthly or quarterly, as AI models continuously learn and may develop undesired behaviors over time.
NVISIONx Data Management and Purging Process
Glen explains how NVISIONx helps organizations manage and responsibly purge data. The platform contextually classifies data, applying retention schedules to business records. It recommends disposing of files when their retention periods expire, taking into account any applicable legal holds and redundancy. The purging process involves collaborative approval from business stakeholders, records managers, and legal teams. Glen highlights that this approach helps companies reduce their attack surface and compliance burden, especially during cloud migrations. He mentions that the platform includes an ROI calculator, which shows significant cost savings for customers in highly regulated industries, such as healthcare and financial services.
Intelligent Data Classification for Cybersecurity
Glen discusses the importance of intelligent data classification in cybersecurity. He explains that simply blocking all sensitive information, such as credit card numbers or social security numbers, is not effective, as it can disrupt legitimate business transactions. Instead, Glen advocates for a more nuanced approach that considers the context and purpose of data transfers. He also mentions the integration of directory services to manage access control based on employee roles. Glen emphasizes that understanding data at an intimate level enables better protection and compliance, while also allowing for optimization and competitive advantage through the use of AI models. He envisions a future where data governance enables continuous, comprehensive audits and more efficient business processes. Glen concludes by stressing that data governance is a team effort, requiring collaboration across departments and user-friendly tools that empower business owners to be their own data analysts.
About our Guest
Glen Day is the CEO and Founder of NVISIONx, a data risk intelligence and DSPM (Data Security Posture Management) company helping organizations protect what matters most: their data. With over 25 years of experience in cybersecurity, data privacy, and information governance, Glen has held leadership roles in the military, public, and private sectors — including serving as a U.S. Navy Commander in Information Warfare and as the first Chief Privacy Officer for Los Angeles County. He also led cybersecurity and information governance initiatives at Ernst & Young. At NVISIONx, Glen leads the charge in empowering organizations to reduce risk, improve compliance, and take control of their data in the age of AI.
Click the image below to listen to this episode of Brilliance Security Magazine Podcast.
Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Instagram, and LinkedIn.