UPDATED 12:35 EDT / MAY 02 2025

Rizwan Jan, VP and CIO of CNA, and Brian Vecci, field chief technical officer of Varonis, talk with theCUBE about new threats to data security at the RSAC 2025 Conference. SECURITY

Experts from Varonis and CNA share why protecting ‘crown jewels’ from shadow AI is paramount

In the age of artificial intelligence, data security is more of a priority than ever.

As enterprise AI adoption rapidly grows, so do security risks. The consequences could be dire for companies that do not have all their data in order when faced with AI-powered phishing and cyberattacks.

Rizwan Jan, VP and CIO of CNA, and Brian Vecci, field chief technical officer of Varonis, talk with theCUBE about the rise of shadow AI and its threat to data security at the RSAC 2025 Conference.

Varonis’ Brian Vecci (left) and CNA’s Rizwan Jan (center) talk with theCUBE about protecting data assets in advance of attacks.

“Nobody breaks into a bank to steal the pens,” said Brian Vecci (pictured, left), field chief technical officer of Varonis Systems Inc. “Data is what a threat actor is after. … of all the digital assets that enterprises have, data is what’s most important. It’s also what they have the most of and they know the least about. It’s very difficult to protect something when you don’t know what you have and where it is.”

Vecci and Rizwan Jan (pictured, right), vice president and chief information officer of CNA Corp., spoke with theCUBE’s Jackie McGuire at the RSAC 2025 Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed data security and the perils of Shadow AI. (* Disclosure below.)

Ensuring data security as shadow AI grows

Poor data management has become a central issue of AI adoption, but its effects go beyond siloed data and unreliable models. Companies that don’t understand the location of their “crown jewels” can end up paying millions to fix their mistake, according to CNA’s Jan — CNA is an independent, nonprofit organization that conducts research and analysis to support national safety and security.

“In 2024, when [UnitedHealthcare] got hit by that ransomware attack and they ended up paying $22 million just to get their data back and then $2-plus billion for reputational harm and to help their subsidiaries out, and [they] crushed 142 million Americans with their healthcare data,” he said. “Understand what your data sets are, take the AI out of that first, get your classification, your data classification in order [and] then you understand what you’re protecting.”

Research shows that employees are giving large volumes of data to AI in a phenomenon called shadow AI, which poses an additional risk to company security. Varonis enables employees to use generative AI tools while minimizing data exposure.

“Almost every company has a giant data swamp, and they have no idea what they have and where it is,” Vecci said. “It’s the unknown unknowns that are going to kill you, especially when you give people the greatest information retrieval tool ever.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSAC 2025 Conference event:

(* Disclosure: Varonis Systems Inc. sponsored this segment of theCUBE. Neither Varonis nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU