Canadian Data Privacy Laws: What Organizations Need to Know Before It Gets More Complicated
Most organizations doing business in Canada know they have privacy obliga...
Blog
Explore our blog & insights
Subscribe to our blog to receive expert tips, industry trends, and updates directly to your inbox.
Subscribe
Subscribe
Subscribe
Featured
Google Gemini security risks and privacy concerns explained
Article refreshed and updated on May 21st, 2026. Key Takeaways: Gemini’s power is its deep Workspace reach, and that’s also its biggest risk. Because Gemini runs inside Gmail, Docs, Sheets, and Drive, it carries search-level access into everyday work. It treats available data as usable data without evaluating business context or intent. Your sensitive data ...
Is ChatGPT Secure? 10 Prompts You Don’t Want Your Employees Trying with ChatGPT
Generative AI is great until someone pastes confidential data into a publ...
2026 Microsoft Copilot Security Concerns Explained
Refreshed and updated on April 23rd, 2026. Key Takeaways: Copilot’s...
What Security Leaders Should Take from the New U.S. AI Policy Framework
Key Takeaways: On March 20, 2026, a new National Policy Framework for AI ...
SOX Compliance with AI: What Security Teams Need to Know
Key Takeaways: SOX compliance is no longer just a finance and accounting ...
Understanding ChatGPT security risks your team might be missing
Refreshed and updated April 1, 2026. Key Takeaways: In a dramatically sho...
What is Data Security Posture Management? Your Complete DSPM Guide
Refreshed and updated March 20th, 2026. Key Takeaways DSPM gives you visi...
How the City of Los Angeles Built a Culture of Strong AI Governance
When most organizations discuss AI governance, they typically begin with ...
PII Data Discovery Tools: How They Work and How to Choose the Right Solution
PII used to live where security teams expected it to live… in databases...
Data Loss Prevention (DLP) Software Tools: Top Vendors Compared in 2026
Sensitive data just won’t stay put. It moves constantly between inboxes...
The 5 Most Common AI Governance Mistakes Enterprises Make
If your AI governance started after the AI tool was deployed, it’s prob...
PII Data Discovery: How It’s Changed and Why It Matters
Most organizations already know they’re dealing with lots of personally...
Top Tips for Protecting Private Data in Financial Services
Data security is challenging for every business, but if you’re in finan...
What Is GenAI Data Security? A Practical Guide for 2026
Key Takeaways: For years, companies poured time and money into shoring up...
Snowflake Data Governance: What You Need To Know (2026)
Snowflake makes analytics fast. With that speed comes great risk, as that...
Structured vs. Unstructured Data: Understanding the Differences, How to Protect & Classify Both
Key Takeaways: Unstructured data is where the risk lives. Documents, emai...
Data Security Best Practices for 2026: What Works When Data Never Sits Still
Most data security programs fail for a simple reason: they were built for...
California Delete Act: What You Need to Know for Compliance
Data privacy laws used to move slowly. Then California decided consumers ...
A Guide to Claude Security: Risks, Privacy Concerns, Explained in 2026
Key Takeaways: Claude has quietly become the go-to assistant for people w...
What is Data Loss Prevention? Why traditional strategies fall short
Key Takeaways: Data loss prevention has been around for years. Most secur...
ITAR Compliance and ITAR Requirements: What Every CIO and CSO Needs to Know
Key Takeaways: ITAR isn’t just for traditional defense contractors....
What is data access governance? A practical guide to cloud DAG
Key Takeaways: 80% of enterprises have experienced an incident involving ...
The top 5 data security management challenges and how to address them
Refreshed and updated January 7th, 2026. Data security management used to...
Looking Back on an Extraordinary Year
Concentric AI has turned the page on 2025, and what a year of growth and ...
Understanding FINRA Rule 4511: Records, Requirements, and What’s Changed
What is the FINRA rule? The Financial Industry Regulatory Authority Rule ...
A guide to CMMC compliance
For years, cybersecurity guidance in the defense supply chain left some r...
10 ChatGPT Prompts Your Employees Should Never Use (Updated for 2026)
Your AI tool is already feeling like a trusted coworker. And it’s mostl...
What is data masking and how can it protect sensitive data?
With more sensitive data to manage and protect than ever, the more tools ...
CCPA Compliance in 2026: What Organizations Need to Know
Europe’s General Data Protection Regulation (GDPR) and California’s C...
A Guide to AI Security Posture Management (AISPM)
TL;DR: What You’ll Learn Topic Quick Summary What AISPM Is A continuous...
A guide to Data Security Governance
This article was refreshed and updated on November 14th, 2025. Data secur...
Investigating a data breach: the complete guide
Every enterprise will experience a breach sooner or later, but what matte...
How Role-Based Access Control (RBAC) Helps Data Security Governance
Article was refreshed and updated on Nov 5th, 2025. Key Takeaways: The fu...
What you need to know about the EU AI Act and how Concentric AI can help
Article was refreshed and updated on Nov 5th, 2025. Key Takeaways: The EU...
A guide to Salesforce Data Loss Prevention (DLP) and Data Classification
Article was refreshed and updated on Nov 5th, 2025. Key Takeaways: CRMs l...
A Guide to Federal Information Security Modernization Act (FISMA) Compliance in 2026
Key Takeaways: Few environments match the scale and scrutiny of federal I...
A Technical Guide to DSAR
How to Handle Data Subject Access Requests with Confidence and Automation...
Comparing SPII vs PHI and PII: A Sensitive Information Guide
Key Takeaways: Sensitive information has never been more vulnerable, or m...
Cybersecurity Awareness Month: GenAI Governance Is the New Cyber Hygiene
Every October, Cybersecurity Awareness Month kicks off with all the usual...
Everything security leaders need to know about using DSPM for GenAI
Generative AI (GenAI) didn’t wait for an invitation into the enterprise...
A technical guide to data retention
Businesses are swimming in data. Eight years ago, the average company m...
Data in Motion vs. Data at Rest: Security and Protection Explained
Key Takeaways: Data in motion and data at rest face different risks and r...
A guide to using AI for FERPA Compliance
Refreshed and updated September 10th, 2025. Key Takeaways: FERPA protects...
A Guide to Managing Data Deduplication
Refreshed and updated September 10th, 2025. Key Takeaways: Duplicate data...
A Guide to the Hidden Risks of Shadow AI
Key Takeaways: Shadow AI is the unsanctioned use of AI tools by employees...
Comparing DSPM, DLP, and Data Privacy
Updated and refreshed on 7/29/25. Key Takeaways: DSPM, DLP, and Data Priv...
Securing Data Wherever It Lives and However It Travels – We Take a Giant Step Today in Making That a Reality
When Madhu and I started Concentric AI, we took dead aim at what we saw a...
Discovering Your Data: Speed vs. Defensibility
As unstructured data sprawls across today’s ecosystem (cloud, on-prem, ...
2026 Ransomware Predictions & Prevention
Key Takeaways: Despite increased awareness and quality of defenses, ranso...
DSPM for AI: What It Is, Why It Matters, and How to Get It Right
Key Takeaways: AI is eating the enterprise. Today, customer service chatb...
Redefining the Role: My View of What Makes a CISO Great
Being a CISO today is a balancing act of strategic leadership, financial ...
What is the DORA Act? Security, Risk Requirements Explained
As financial institutions race to keep up with digital transformation, th...
A Guide to Data Classification Policies for Your Organization
Key Takeaways: If you’re serious about protecting your sensitive data, ...
The Time for AI Governance is Now — Here’s What It Takes to Do It Right
As organizations embrace the transformative potential of AI—from genera...
2026 Guide to Modern Information Lifecycle Management
Key Takeaways: Your data doesn’t politely announce when it’s expired....
RSA and the Agentic AI Bandwagon
I was at RSA last week—along with thousands of other security practitio...
Exploring DLP security: what is it and how should you approach it?
Data loss prevention (DLP) was supposed to be the savior of enterprise da...
A Guide to Automated Data Classification
Key Takeaways: Let’s talk about data classification. We know, it sounds...
AI Data Privacy: AI’s Role in Data Privacy Protection
Not long ago, it was only large businesses like enterprises that were man...
A Guide to Data and Access Sprawl
Massive cloud migration and digital transformation are inarguably great f...
A guide to India’s data privacy act (DPDPA)
Data privacy has never really been just a Western concern. With the rise ...
Data Security Posture Management (DSPM) Software Tools: Top Vendors Compared in 2026
Key Takeaways: DSPM answers three deceptively simple questions: where doe...
9 best practices for data governance in a healthcare setting
Note: this article has been updated & refreshed as of 2/25/2025 In th...
The importance of data classification levels and labels
Key Takeaways: Data classification categorizes data by sensitivity level ...
Reviewing data encryption technologies, new cryptography, and the latest trends
Key Takeaways: Encryption remains a critical layer of enterprise data sec...
A guide to data governance frameworks
Data is like the currency that drives business. It also drives innovation...
Exploring Generative AI Applications in Cybersecurity
Artificial intelligence (AI) has achieved remarkable advancements over th...
A guide to remote employee tracking and data leak prevention
While the shift to remote and hybrid work has opened up a world of opport...
Concentric AI’s Transformative 2024: Soaring Growth & Breakthrough Innovation
As 2024 comes to a close, the proverb – the days are long, the years ar...
Information walls & barriers in a data security context
Have you ever considered the invisible barriers that exist within your or...
What is data lineage? A technical guide
Note: this article was updated and refreshed on November 3rd, 2024 When i...
Concentric AI: Today was a significant milestone but we are just getting started
When we started Concentric AI five years ago, it was obvious that enterpr...
Exploring the Industry’s First AI-Based Copilot Access Governance Solution
AI tools like Microsoft Copilot are here to stay. Despite the security ri...
Strategies for improving M&A data security
Mergers and acquisitions (M&A) play a crucial role in the growth and ...
How to deploy DSPM and improve your security posture
In today’s digital and cloud-first business environment, understanding ...
A Guide to ISO 27701 Standards and Audits
The International Organization for Standardization (ISO) and the Internat...
What is shadow data and how should your organization protect against it?
As digital transformation and cloud migration become more commonplace in ...
Concentric AI Recognized in DSPM Category in Gartner’s Hype Cycle for Cyber-Risk Management 2024
Cloud computing has revolutionized the business landscape and is now prac...
Concentric AI Recognized in Gartner’s 2024 Hype Cycle for Backup & Data Protection Technologies
Knowing where all your data resides is like playing a game of hide and se...
Microsoft Purview and Concentric AI: Working Better Together
For organizations today, achieving robust data governance, compliance, an...
A guide to Cloud Data Loss Prevention (DLP)
With massive cloud migration and more data to manage than ever, protectin...
Comparing DSPM and CSPM
Cloud computing has revolutionized the way organizations store, process a...
Maintain HIPAA and HITECH Compliance with Concentric AI
As the healthcare industry continues to make strides in digital transform...
How Concentric AI works to complement the NIST CSF
What is the NIST Cybersecurity Framework? What you need to know The NIST ...
Exploring data classification strategies for GDPR
Key Takeaways: GDPR applies to any organization that handles personal dat...
How to achieve your data classification goals for PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a globally ...
A technical overview on meta and user-driven data classification
Modern enterprises struggle with massive growth in data, often exponent...
How to Add a New Superpower to Your Ransomware Defenses
It’s time again to talk about ransomware. We know it’s still happenin...
Data Detection and Response: the Complete Guide
What is Data Detection and Response? Data Detection and Response (DDR) is...
Data Security Posture Management in the Education Sector: What You Need to Know
Cyberattacks targeted at big-name businesses may take up most of the head...
DSPM Buyer’s Guide
In a business landscape where cloud migration is the norm and and the lik...
How Data Security Posture Management tools like Concentric AI can help secure Copilot Deployment
In a business landscape dominated by rapid digital transformation and AI ...
Are Data Security Solutions Worth It?
As data security moves up the priority list of almost every boardroom, pi...
How Concentric AI Can Lower Your Cyber Insurance Costs
Not long ago, only a small number of businesses and industries were conce...
How to Mature Your DSPM
If you’re in charge of protecting sensitive data, you know that the imp...
How Data Management Frameworks Can Enhance Data Security
As cloud technology becomes a centerpiece of business operations across a...
2023 Year in Review
As 2023 comes to a close, I can’t help but reflect on the convergence o...
Information Sensitivity: What It Is, The Risks, and How to Protect It
Organizations face a trifecta of challenges when it comes to protecting d...
How organizations can navigate the current status of state privacy laws
Not long ago, the term data privacy was considered a buzzword. Today, dat...
Navigating the New SEC Cybersecurity Rule with Concentric AI
The U.S. Securities and Exchange Commission (SEC) has recently introduced...
AI Executive Order: What businesses need to know
The AI Executive Order, signed by President Biden on October 30, 2023, ma...
Insider risk detection and response: a deep dive
To meet the demands of massive cloud migration and digital transformation...
Elevate Your Data Security Posture with Concentric AI’s Managed DSPM Solution
As cloud migration and digital transformation continue influencing IT ope...
Understanding Data Leakage and How Concentric AI Can Help Prevent It
It seems like it happens almost every day: a confidential data breach ap...
Understanding Data Exfiltration and How Concentric AI Can Help Prevent It
As businesses continue migrating to the cloud in monumental numbers, the ...
FCA and PRA (UK) Compliance with Concentric AI
The Financial Conduct Authority (FCA) and the Prudential Regulation Autho...
Concentric AI Receives Prestigious SINET16 Innovator Award
We are excited to announce that Concentric AI has been recognized as one ...
Beyond Trainable Classifiers with Concentric AI
Modern enterprises face a daunting challenge: managing the explosive grow...
Sensitive Data Discovery for Audio and Visual Files: A Technical Overview
Data is becoming the backbone of the modern organization. Today, business...
Breaking Language Barriers: A New Era in Data Security Posture Management
The shift towards a global business landscape combined with massive cloud...
Complying with Dutch Authority for the Financial Markets and the Central Bank of the Netherlands regulations
What are the AFM and DNB? The Dutch Authority for the Financial Markets (...
EBA Guidelines: How Concentric AI can help with compliance
The European Banking Authority (EBA) released the Final Report on the Gui...
Unveiling the Power of Privacy Personas in Data Protection
For the modern organization, data protection has evolved into a complex a...
Concentric AI Included in Gartner’s 2023 Data Security Hype Cycle for Data Security Posture Management (DSPM)
In today’s data-driven business landscape that has fueled massive c...
Concentric AI Included in Gartner’s 2023 Hype Cycle for Storage and Data Protection Technologies
Organizational data is everywhere: in the cloud, on premises, structured,...
Data Classification Redefined: Unleashing the Power of Archetypes
As the shift towards digital and cloud-based solutions accelerates, data ...
SEC 17a-4: What you need to know and how Concentric AI can help with compliance
What is the SEC Rule SEC 17a-4 SEC Rule 17a-4 is a regulation issued by t...
Concentric AI Included in Forrester’s Sensitive Data and Discovery Landscape
The Forrester Sensitive Data Discovery and Classification report discusse...
How Concentric AI helps boost compliance with the UK Data Protection Act 2018
What is the UK Data Protection Act 2018? The Data Protection Act 2018 is ...
Concentric AI Included in Gartner’s 2023 Innovation Insight Report for Data Security Posture Management (DSPM)
The 2023 Gartner report, Innovation Insight: Data Security Posture Manage...
GLBA and Concentric AI: a Technical Explainer
The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services M...
How Concentric AI helps you with CFTC 1.31 Compliance
The Commodity Futures Trading Commission (CFTC) Rule 1.31(c-d) is a U.S. ...
Meet CPRA Compliance with Concentric AI
The California Privacy Rights Act (CPRA) is a recent piece of privacy leg...
Achieving HITRUST certification with Concentric AI
What is HITRUST? HITRUST, the Health Information Trust Alliance, is a com...
Comparing Varonis, Netwrix, and others vs. Concentric AI’s DSPM Solution
Concentric and other vendors such as Varonis and Netwrix are some of the ...
A Technical Explainer on 23 NYCRR 500 and How Concentric AI can help
Businesses are obligated to protect sensitive data not just for the secur...
A technical explainer on Data Lifecycle Management: DLM framework explained
Today’s threat landscape produces a harsh reality: for organizations, a...
Automate Data Classification with Concentric AI
Modern cloud solutions and pervasive network connectivity have democratiz...
A technical explainer on PII protection
Reports of data breaches in the news are seemingly endless, as enterprise...
Re-imagine Data Security with Concentric Mind™
Applications and solutions that leverage deep learning and AI are prolife...
Identify and Remediate Data Risk with Concentric Risk Distance™
With massive data and cloud migration growth, collaboration and sharing h...
Data loss prevention: a deep dive
Data is one of an organization’s most valuable assets. But the defini...
Concentric AI is part of the newly formed Data Security Posture Management Category in the Gartner Hype Cycle for Data Security
Concentric AI Included in Newly Created Data Security Posture Management ...
Ballistic VC Leads $14.5M Round for Concentric
Today I’m proud to announce that Concentric has closed our series A rou...
Concentric Integrates MIP, Joins Microsoft MISA Security Alliance
As soldiers in the fight against cybercrime, Concentric understands how p...
We Have Been Recognized in 2021 Gartner® ‘Cool Vendors™ in Privacy’ Report!
Innovation, Relevance, Focus
Baron Capital on Data Security with Concentric
This eye-opening discussion reveals the practical realities Henry Mayorga...
Concentric Now Part of Box Technology Partner Program
We are now a part of the Box Technology Partner program! We’ve int...
Paying For It: Ransomware Protection Cost
Almost every IT project must, at some point, run the financial justificat...
The Four Horsemen of the Ransomware Apocalypse
In the New Testament, the Four Horsemen are punishments from God, and the...
Employee data access management
Most of an organization’s assets are not in a constant state of change....
Data Privacy Solutions: Company Nurse Case Study
Read as Henry Svendblad, Company Nurse CIO, describes the journey to data security in his own words.
To Zoom or not to Zoom – one company considers cybersecurity
Concentric’s spending plenty of time on Zoom right now. We’re doing e...
A Numbers Story: Cloud, Collaboration & Content Redefine Data Security
There is a tectonic shift in the data security space caused by three majo...
Avoid the Red Queen Effect in Data Access Governance
In Lewis Carroll’s Alice in Wonderland, Alice and the Red Queen find t...
Three Steps to Education Data Protection
This article originally appeared in Campus Security & Life Safety
Differences Between Structured and Unstructured Data Protection
Because I am both a cheapskate and own some screwdrivers, I’ve repair...
Zero Trust Solutions for Structured and Unstructured Data
Originally published in Security Boulevard
Reaction to DHS’ Mayorkas Address and Cybersecurity Zero Trust Model
On March 31st, Alejandro Mayorkas, Secretary of Homeland Security, gave a...
BIG Names “Risk Distance” 2021 Winner of the “AI Excellence Award”
Once again, Concentric notched another industry award win with BIG’...
We Are SC Magazine Rookie Security Company of the Year finalists!
A couple of days ago, we learned Concentric is one of SC Magazine’s...
Three Uses For AI in a Zero Trust Data Protection Framework
This article originally appeared in AI Journal. Few incidents encapsulate...
AI-Powered Zero Trust Data Access Governance
I recently had a chance to sit down with Dave Marshall over at VMBlog to...
User-Centric Data Access Governance
Today I’m pleased to announce the availability of two critical new ...
Zero Trust Data Access Governance in 2021
A customer in upstate New York, returning a copy of “The General’s Da...
AI Predictions and Guidance for Any Organization
I recently had the opportunity to share my thoughts about what 2021 might...
Twitter Hack and Data Access Governance
“This could have had a massive, massive amount of money stolen from peo...
Data security consequences of a distributed workforce
I recently wrote an article about how a distributed workforce and work fr...
The need for zero trust security a certainty for an uncertain 2021
What to expect in 2021? How the pandemic plays out will have a huge say o...
Webinar with Heidi Shey, Principal Analyst, Forrester – Key Learnings
We hosted our first webinar June 23 2020 and were glad to have Featured S...
6 questions that cut through AI hype in security
AI is the new buzzword in today’s cybersecurity market place of product...
Data Classification is the Linchpin in Cybersecurity
According to industry reports, there will be an 800% increase in enterprise data, and about 80% of it will be unstructured data.
Key steps an enterprise must take for GDPR & CCPA Compliance
GDPR and CCPA are data privacy regulations that are redefining how busine...
Right to be Forgotten – What enterprises need to do
Right to be Forgotten (RTBF) derives from a famous court case against Goo...
Careless Users: Biggest security risk to a company
It is common knowledge that data security teams must have a proactive pla...
Managing Risk More Effectively with FAIR Risk Methodology
Managing Risk More Effectively with FAIR
Company Nurse deploys Concentric for Data Access Governance
We’re proud to be a part of the Company Nurse story. By helping them fi...
Does Data Exfiltration Top Your List?
According to a recent survey of cybersecurity experts in “The CISO ...
Oversharing and The Cybersecurity Blast Radius
This article originally appeared in Forbes.
Karthik Talks to SafetyDetectives, Cybersecurity and Emerging Threats
I recently had the chance to sit down with Aviva Zacks from SafetyDetecti...
Karthik and Byron Acohido Discuss Twitter Insider Cyberattack
Byron Acohido’s The Last Watchdog blog is one of the best combinati...
Data Protection & Risk management: The Urgent and the Important
Dwight Eisenhower’s decision framework famously categorizes tasks based...
SolarWinds Breach, Data Security and What To Do About It
Since approximately last March, SolarWinds software updates have included...
How to Avoid Getting Killed by Ransomware
If you’re an IT security professional, mastering mystifying termino...
Company Nurse Healthcare Cybersecurity Case Wins Award
TMC recognized Concentric with a Cloud Computing Excellence Award based o...
Grassroots Data Security: Leveraging User Knowledge to Set Policy
When was the last time your job dealt you a good kick in the teeth? If yo...
Zero Trust For Data Security
I’ve been thinking about zero-trust and least-privileges access lat...
Ethics in AI
I recently had the opportunity to weigh in on the topic of ethics in AI. ...
Remote work in the age of COVID-19
I’m writing this from home in the midst of a multi-week shelter-in-plac...
Introducing Concentric MIND
Today I’m pleased to announce the availability of Concentric MIND, the ...
Concentric named CRN Emerging Vendor
I’m proud to announce Concentric was named one of CRN’s Emerg...
The Concentric Tenets: Daily values and behavior to aspire to
1. Our attitude and work ethic is everything What separates us is our att...
The Concentric Story
Risk is on my mind right now. That will surprise exactly no one: running ...
Data Protection in the Era of Unstructured data, Remote Work, and Collaboration
Over the last 2 months, we have been writing about what remote work means to data security. You can find some of those posts here
Twitter Makes AI Statement, Adds Fei-Fei Li to Board
Yesterday Twitter appointed Fei-Fei Li to their board of directors. Dr. L...
Cyber Security Risks of Working From Home
No one’s sure how long social distancing will last – but experts ...
Turn the Risk Management Paradigm On Its Head
Security policies don’t appear out of thin air. They develop over time,...
What I Heard @ RSA
I never miss an opportunity to learn something new from a customer – so...
Experts’ View on how to Comply with CCPA Security Requirements
We were on the ground at Synapse, Segment’s third annual user conferenc...