Understanding ChatGPT security risks your team might be missing
Refreshed and updated January 7th, 2026. In a dramatically short period, ...
Blog
Explore our blog & insights
Subscribe to our blog to receive expert tips, industry trends, and updates directly to your inbox.
Subscribe
Subscribe
Subscribe
Featured
Data Loss Prevention (DLP): What It Means in 2026 and Why Traditional Approaches Fall Short
Data loss prevention has been around for years. Most security teams recognize the term DLP, many have deployed some type of tool, and almost everyone has felt the pain of tuning policies and chasing endless alerts. What has changed recently, and incredibly quickly, is the environment DLP is called on to protect. The huge issue ...
The top 5 data security management challenges and how to address them
Refreshed and updated January 7th, 2026. Data security management used to...
Looking Back on an Extraordinary Year
Concentric AI has turned the page on 2025, and what a year of growth and ...
A guide to CMMC compliance
For years, cybersecurity guidance in the defense supply chain left some r...
What Is GenAI Data Security? A Practical Guide for 2026
For years, companies poured time and money into shoring up the usual susp...
Structured vs. Unstructured Data: Understanding the Differences, How to Protect & Classify Both
Modern work no longer runs on databases. Today, it’s all about document...
What Security Teams Need to Know About Claude Security
Claude has quietly become the go-to assistant for people who want all the...
What Is GenAI Data Governance? A Practical Guide for 2026
It took us decades to come up with the right tools and strategies to secu...
CCPA Compliance in 2026: What Organizations Need to Know
Europe’s General Data Protection Regulation (GDPR) and California’s C...
A Guide to AI Security Posture Management (AISPM)
GenAI has gone from “interesting experiment” to “embedded in every ...
A guide to Data Security Governance
This article was refreshed and updated on November 14th, 2025. Data secur...
Investigating a data breach: the complete guide
Every enterprise will experience a breach sooner or later, but what matte...
How Role-Based Access Control (RBAC) Helps Data Security Governance
Article was refreshed and updated on Nov 5th, 2025. The challenges of pre...
What you need to know about the EU AI Act and how Concentric AI can help
Article was refreshed and updated on Nov 5th, 2025. The European Union...
A guide to Salesforce Data Loss Prevention (DLP) and Data Classification
Article was refreshed and updated on Nov 5th, 2025. Customer Relationship...
A Guide to Federal Information Security Modernization Act (FISMA) Compliance in 2026
Few environments match the scale and scrutiny of federal IT. Every agency...
A Technical Guide to DSAR
How to Handle Data Subject Access Requests with Confidence and Automation...
Comparing SPII vs PHI and PII: A Sensitive Information Guide
Sensitive information has never been more vulnerable, or more misundersto...
How to use AI to achieve SOX compliance
When it comes to corporate accountability, the Sarbanes-Oxley Act is one ...
Cybersecurity Awareness Month: GenAI Governance Is the New Cyber Hygiene
Every October, Cybersecurity Awareness Month kicks off with all the usual...
2026 Microsoft Copilot Security Concerns Explained
Refreshed and updated on September 25th, 2025. You’ve used ChatGPT and ...
Everything security leaders need to know about using DSPM for GenAI
Generative AI (GenAI) didn’t wait for an invitation into the enterprise...
A technical guide to data retention
Businesses are swimming in data. Eight years ago, the average company m...
Data in motion vs. Data at rest: Security and IoT explainer
Data never stands still. Every second, it’s moving — across devices, ...
A guide to using AI for FERPA Compliance
Refreshed and updated September 10th, 2025. When we think about digital t...
A Guide to Managing Data Deduplication
Refreshed and updated September 10th, 2025. Businesses aren’t drowning ...
What is Data Security Posture Management? Your Complete DSPM Guide
Refreshed and updated September 10th, 2025. For the modern organization, ...
A Guide to the Hidden Risks of Shadow AI
It didn’t take long, but heavy Generative AI (GenAI) use in the enterpr...
Is ChatGPT Secure? 10 Prompts You Don’t Want Your Employees Trying with ChatGPT
Generative AI is great until someone pastes confidential data into a publ...
The importance of data classification levels and labels
Article updated and refreshed 7/29/25. As the transformation towards digi...
Comparing DSPM, DLP, and Data Privacy
Updated and refreshed on 7/29/25. If you’re keeping up with any of the ...
Data Access Governance: a Technical Explainer
Note: this article has been updated & refreshed as of 7/25/2025 As cl...
Securing Data Wherever It Lives and However It Travels – We Take a Giant Step Today in Making That a Reality
When Madhu and I started Concentric AI, we took dead aim at what we saw a...
Discovering Your Data: Speed vs. Defensibility
As unstructured data sprawls across today’s ecosystem (cloud, on-prem, ...
Reviewing Data Encryption Technologies & the Latest Trends
Article refreshed June 17, 2025. As the cybersecurity landscape evolves i...
2026 Ransomware Predictions & Prevention
Despite increased awareness and quality of defenses, ransomware continues...
DSPM for AI: What It Is, Why It Matters, and How to Get It Right
AI is eating the enterprise. Today, customer service chatbots and generat...
Redefining the Role: My View of What Makes a CISO Great
Being a CISO today is a balancing act of strategic leadership, financial ...
What is the DORA Act? Security, Risk Requirements Explained
As financial institutions race to keep up with digital transformation, th...
A Guide to Data Classification Policies for Your Organization
If you’re serious about protecting your sensitive data, you need a data...
The Time for AI Governance is Now — Here’s What It Takes to Do It Right
As organizations embrace the transformative potential of AI—from genera...
2026 Guide to Modern Information Lifecycle Management
Your data doesn’t politely announce when it’s expired. It lingers, co...
RSA and the Agentic AI Bandwagon
I was at RSA last week—along with thousands of other security practitio...
ITAR Compliance: What Every CIO and CSO Needs to Know
When we think about data protection and security, it seems obvious that i...
Exploring DLP security: what is it and how should you approach it?
Data loss prevention (DLP) was supposed to be the savior of enterprise da...
A Guide to Automated Data Classification
Let’s talk about data classification. We know, it sounds as exciting as...
What is data masking and how can it protect sensitive data?
With more sensitive data to manage and protect than ever, the more tools ...
AI Data Privacy: AI’s Role in Data Privacy Protection
Not long ago, it was only large businesses like enterprises that were man...
A guide to DSPM tools and vendors for 2026
As cloud computing adoption skyrockets, companies are grappling with the ...
A Guide to Data and Access Sprawl
Massive cloud migration and digital transformation are inarguably great f...
A guide to India’s data privacy act (DPDPA)
Data privacy has never really been just a Western concern. With the rise ...
9 best practices for data governance in a healthcare setting
Note: this article has been updated & refreshed as of 2/25/2025 In th...
A guide to data governance frameworks
Data is like the currency that drives business. It also drives innovation...
Exploring Generative AI Applications in Cybersecurity
Artificial intelligence (AI) has achieved remarkable advancements over th...
A guide to remote employee tracking and data leak prevention
While the shift to remote and hybrid work has opened up a world of opport...
Concentric AI’s Transformative 2024: Soaring Growth & Breakthrough Innovation
As 2024 comes to a close, the proverb – the days are long, the years ar...
Information walls & barriers in a data security context
Have you ever considered the invisible barriers that exist within your or...
What is data lineage? A technical guide
Note: this article was updated and refreshed on November 3rd, 2024 When i...
Concentric AI: Today was a significant milestone but we are just getting started
When we started Concentric AI five years ago, it was obvious that enterpr...
Exploring the Industry’s First AI-Based Copilot Access Governance Solution
AI tools like Microsoft Copilot are here to stay. Despite the security ri...
Strategies for improving M&A data security
Mergers and acquisitions (M&A) play a crucial role in the growth and ...
How to deploy DSPM and improve your security posture
In today’s digital and cloud-first business environment, understanding ...
A Guide to ISO 27701 Standards and Audits
The International Organization for Standardization (ISO) and the Internat...
What is shadow data and how should your organization protect against it?
As digital transformation and cloud migration become more commonplace in ...
A Guide to Google Gemini Security
As artificial intelligence continues to dominate discussions about its ro...
Concentric AI Recognized in DSPM Category in Gartner’s Hype Cycle for Cyber-Risk Management 2024
Cloud computing has revolutionized the business landscape and is now prac...
Concentric AI Recognized in Gartner’s 2024 Hype Cycle for Backup & Data Protection Technologies
Knowing where all your data resides is like playing a game of hide and se...
Microsoft Purview and Concentric AI: Working Better Together
For organizations today, achieving robust data governance, compliance, an...
A guide to Cloud Data Loss Prevention (DLP)
With massive cloud migration and more data to manage than ever, protectin...
Comparing DSPM and CSPM
Cloud computing has revolutionized the way organizations store, process a...
Maintain HIPAA and HITECH Compliance with Concentric AI
As the healthcare industry continues to make strides in digital transform...
How Concentric AI works to complement the NIST CSF
What is the NIST Cybersecurity Framework? What you need to know The NIST ...
Exploring data classification strategies for GDPR
With massive cloud migration and more data being stored and collected tha...
How to achieve your data classification goals for PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a globally ...
A technical overview on meta and user-driven data classification
Modern enterprises struggle with massive growth in data, often exponent...
How to Add a New Superpower to Your Ransomware Defenses
It’s time again to talk about ransomware. We know it’s still happenin...
Data Detection and Response: the Complete Guide
What is Data Detection and Response? Data Detection and Response (DDR) is...
Data Security Posture Management in the Education Sector: What You Need to Know
Cyberattacks targeted at big-name businesses may take up most of the head...
DSPM Buyer’s Guide
In a business landscape where cloud migration is the norm and and the lik...
How Data Security Posture Management tools like Concentric AI can help secure Copilot Deployment
In a business landscape dominated by rapid digital transformation and AI ...
Are Data Security Solutions Worth It?
As data security moves up the priority list of almost every boardroom, pi...
How Concentric AI Can Lower Your Cyber Insurance Costs
Not long ago, only a small number of businesses and industries were conce...
How to Mature Your DSPM
If you’re in charge of protecting sensitive data, you know that the imp...
California Delete Act: What You Need to Know for Compliance
The landscape of data privacy is evolving faster than companies can keep ...
How Data Management Frameworks Can Enhance Data Security
As cloud technology becomes a centerpiece of business operations across a...
2023 Year in Review
As 2023 comes to a close, I can’t help but reflect on the convergence o...
Information Sensitivity: What It Is, The Risks, and How to Protect It
Organizations face a trifecta of challenges when it comes to protecting d...
How organizations can navigate the current status of state privacy laws
Not long ago, the term data privacy was considered a buzzword. Today, dat...
Navigating the New SEC Cybersecurity Rule with Concentric AI
The U.S. Securities and Exchange Commission (SEC) has recently introduced...
AI Executive Order: What businesses need to know
The AI Executive Order, signed by President Biden on October 30, 2023, ma...
Insider risk detection and response: a deep dive
To meet the demands of massive cloud migration and digital transformation...
Elevate Your Data Security Posture with Concentric AI’s Managed DSPM Solution
As cloud migration and digital transformation continue influencing IT ope...
Understanding Data Leakage and How Concentric AI Can Help Prevent It
It seems like it happens almost every day: a confidential data breach ap...
Understanding Data Exfiltration and How Concentric AI Can Help Prevent It
As businesses continue migrating to the cloud in monumental numbers, the ...
FCA and PRA (UK) Compliance with Concentric AI
The Financial Conduct Authority (FCA) and the Prudential Regulation Autho...
Concentric AI Receives Prestigious SINET16 Innovator Award
We are excited to announce that Concentric AI has been recognized as one ...
Beyond Trainable Classifiers with Concentric AI
Modern enterprises face a daunting challenge: managing the explosive grow...
Sensitive Data Discovery for Audio and Visual Files: A Technical Overview
Data is becoming the backbone of the modern organization. Today, business...
Breaking Language Barriers: A New Era in Data Security Posture Management
The shift towards a global business landscape combined with massive cloud...
Complying with Dutch Authority for the Financial Markets and the Central Bank of the Netherlands regulations
What are the AFM and DNB? The Dutch Authority for the Financial Markets (...
EBA Guidelines: How Concentric AI can help with compliance
The European Banking Authority (EBA) released the Final Report on the Gui...
Unveiling the Power of Privacy Personas in Data Protection
For the modern organization, data protection has evolved into a complex a...
Concentric AI Included in Gartner’s 2023 Data Security Hype Cycle for Data Security Posture Management (DSPM)
In today’s data-driven business landscape that has fueled massive c...
Concentric AI Included in Gartner’s 2023 Hype Cycle for Storage and Data Protection Technologies
Organizational data is everywhere: in the cloud, on premises, structured,...
Data Classification Redefined: Unleashing the Power of Archetypes
As the shift towards digital and cloud-based solutions accelerates, data ...
SEC 17a-4: What you need to know and how Concentric AI can help with compliance
What is the SEC Rule SEC 17a-4 SEC Rule 17a-4 is a regulation issued by t...
Concentric AI Included in Forrester’s Sensitive Data and Discovery Landscape
The Forrester Sensitive Data Discovery and Classification report discusse...
How Concentric AI helps boost compliance with the UK Data Protection Act 2018
What is the UK Data Protection Act 2018? The Data Protection Act 2018 is ...
Concentric AI Included in Gartner’s 2023 Innovation Insight Report for Data Security Posture Management (DSPM)
The 2023 Gartner report, Innovation Insight: Data Security Posture Manage...
GLBA and Concentric AI: a Technical Explainer
The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services M...
FINRA 4511 Compliance with Concentric AI
What is the FINRA rule? The Financial Industry Regulatory Authority (FINR...
How Concentric AI helps you with CFTC 1.31 Compliance
The Commodity Futures Trading Commission (CFTC) Rule 1.31(c-d) is a U.S. ...
Meet CPRA Compliance with Concentric AI
The California Privacy Rights Act (CPRA) is a recent piece of privacy leg...
Achieving HITRUST certification with Concentric AI
What is HITRUST? HITRUST, the Health Information Trust Alliance, is a com...
Comparing Varonis, Netwrix, and others vs. Concentric AI’s DSPM Solution
Concentric and other vendors such as Varonis and Netwrix are some of the ...
A Technical Explainer on 23 NYCRR 500 and How Concentric AI can help
Businesses are obligated to protect sensitive data not just for the secur...
A technical explainer on Data Lifecycle Management: DLM framework explained
Today’s threat landscape produces a harsh reality: for organizations, a...
Automate Data Classification with Concentric AI
Modern cloud solutions and pervasive network connectivity have democratiz...
A technical explainer on PII protection
Reports of data breaches in the news are seemingly endless, as enterprise...
Re-imagine Data Security with Concentric Mind™
Applications and solutions that leverage deep learning and AI are prolife...
Identify and Remediate Data Risk with Concentric Risk Distance™
With massive data and cloud migration growth, collaboration and sharing h...
Data loss prevention: a deep dive
Data is one of an organization’s most valuable assets. But the defini...
Concentric AI is part of the newly formed Data Security Posture Management Category in the Gartner Hype Cycle for Data Security
Concentric AI Included in Newly Created Data Security Posture Management ...
Ballistic VC Leads $14.5M Round for Concentric
Today I’m proud to announce that Concentric has closed our series A rou...
Concentric Integrates MIP, Joins Microsoft MISA Security Alliance
As soldiers in the fight against cybercrime, Concentric understands how p...
We Have Been Recognized in 2021 Gartner® ‘Cool Vendors™ in Privacy’ Report!
Innovation, Relevance, Focus
Baron Capital on Data Security with Concentric
This eye-opening discussion reveals the practical realities Henry Mayorga...
Concentric Now Part of Box Technology Partner Program
We are now a part of the Box Technology Partner program! We’ve int...
Paying For It: Ransomware Protection Cost
Almost every IT project must, at some point, run the financial justificat...
The Four Horsemen of the Ransomware Apocalypse
In the New Testament, the Four Horsemen are punishments from God, and the...
Employee data access management
Most of an organization’s assets are not in a constant state of change....
Data Privacy Solutions: Company Nurse Case Study
Read as Henry Svendblad, Company Nurse CIO, describes the journey to data security in his own words.
To Zoom or not to Zoom – one company considers cybersecurity
Concentric’s spending plenty of time on Zoom right now. We’re doing e...
A Numbers Story: Cloud, Collaboration & Content Redefine Data Security
There is a tectonic shift in the data security space caused by three majo...
Avoid the Red Queen Effect in Data Access Governance
In Lewis Carroll’s Alice in Wonderland, Alice and the Red Queen find t...
Three Steps to Education Data Protection
This article originally appeared in Campus Security & Life Safety
Differences Between Structured and Unstructured Data Protection
Because I am both a cheapskate and own some screwdrivers, I’ve repair...
Zero Trust Solutions for Structured and Unstructured Data
Originally published in Security Boulevard
Reaction to DHS’ Mayorkas Address and Cybersecurity Zero Trust Model
On March 31st, Alejandro Mayorkas, Secretary of Homeland Security, gave a...
BIG Names “Risk Distance” 2021 Winner of the “AI Excellence Award”
Once again, Concentric notched another industry award win with BIG’...
We Are SC Magazine Rookie Security Company of the Year finalists!
A couple of days ago, we learned Concentric is one of SC Magazine’s...
Three Uses For AI in a Zero Trust Data Protection Framework
This article originally appeared in AI Journal. Few incidents encapsulate...
AI-Powered Zero Trust Data Access Governance
I recently had a chance to sit down with Dave Marshall over at VMBlog to...
User-Centric Data Access Governance
Today I’m pleased to announce the availability of two critical new ...
Zero Trust Data Access Governance in 2021
A customer in upstate New York, returning a copy of “The General’s Da...
AI Predictions and Guidance for Any Organization
I recently had the opportunity to share my thoughts about what 2021 might...
Twitter Hack and Data Access Governance
“This could have had a massive, massive amount of money stolen from peo...
Data security consequences of a distributed workforce
I recently wrote an article about how a distributed workforce and work fr...
The need for zero trust security a certainty for an uncertain 2021
What to expect in 2021? How the pandemic plays out will have a huge say o...
Webinar with Heidi Shey, Principal Analyst, Forrester – Key Learnings
We hosted our first webinar June 23 2020 and were glad to have Featured S...
6 questions that cut through AI hype in security
AI is the new buzzword in today’s cybersecurity market place of product...
Data Classification is the Linchpin in Cybersecurity
According to industry reports, there will be an 800% increase in enterprise data, and about 80% of it will be unstructured data.
Key steps an enterprise must take for GDPR & CCPA Compliance
GDPR and CCPA are data privacy regulations that are redefining how busine...
Right to be Forgotten – What enterprises need to do
Right to be Forgotten (RTBF) derives from a famous court case against Goo...
Careless Users: Biggest security risk to a company
It is common knowledge that data security teams must have a proactive pla...
Managing Risk More Effectively with FAIR Risk Methodology
Managing Risk More Effectively with FAIR
Company Nurse deploys Concentric for Data Access Governance
We’re proud to be a part of the Company Nurse story. By helping them fi...
Does Data Exfiltration Top Your List?
According to a recent survey of cybersecurity experts in “The CISO ...
Oversharing and The Cybersecurity Blast Radius
This article originally appeared in Forbes.
Karthik Talks to SafetyDetectives, Cybersecurity and Emerging Threats
I recently had the chance to sit down with Aviva Zacks from SafetyDetecti...
Karthik and Byron Acohido Discuss Twitter Insider Cyberattack
Byron Acohido’s The Last Watchdog blog is one of the best combinati...
Data Protection & Risk management: The Urgent and the Important
Dwight Eisenhower’s decision framework famously categorizes tasks based...
SolarWinds Breach, Data Security and What To Do About It
Since approximately last March, SolarWinds software updates have included...
How to Avoid Getting Killed by Ransomware
If you’re an IT security professional, mastering mystifying termino...
Company Nurse Healthcare Cybersecurity Case Wins Award
TMC recognized Concentric with a Cloud Computing Excellence Award based o...
Grassroots Data Security: Leveraging User Knowledge to Set Policy
When was the last time your job dealt you a good kick in the teeth? If yo...
Zero Trust For Data Security
I’ve been thinking about zero-trust and least-privileges access lat...
Ethics in AI
I recently had the opportunity to weigh in on the topic of ethics in AI. ...
Remote work in the age of COVID-19
I’m writing this from home in the midst of a multi-week shelter-in-plac...
Introducing Concentric MIND
Today I’m pleased to announce the availability of Concentric MIND, the ...
Concentric named CRN Emerging Vendor
I’m proud to announce Concentric was named one of CRN’s Emerg...
The Concentric Tenets: Daily values and behavior to aspire to
1. Our attitude and work ethic is everything What separates us is our att...
The Concentric Story
Risk is on my mind right now. That will surprise exactly no one: running ...
Data Protection in the Era of Unstructured data, Remote Work, and Collaboration
Over the last 2 months, we have been writing about what remote work means to data security. You can find some of those posts here
Twitter Makes AI Statement, Adds Fei-Fei Li to Board
Yesterday Twitter appointed Fei-Fei Li to their board of directors. Dr. L...
Cyber Security Risks of Working From Home
No one’s sure how long social distancing will last – but experts ...
Turn the Risk Management Paradigm On Its Head
Security policies don’t appear out of thin air. They develop over time,...
What I Heard @ RSA
I never miss an opportunity to learn something new from a customer – so...
Experts’ View on how to Comply with CCPA Security Requirements
We were on the ground at Synapse, Segment’s third annual user conferenc...