As AI adoption accelerates, cybersecurity leaders are facing up to the fact that organizations can no longer rely on traditional approaches to protecting enterprise data. The rapid growth of AI agents, unknown identities, and autonomous systems has fundamentally changed the security landscape, making visibility and data-centric protection more important than ever.
When Tech-Channels met with Ray Security CEO Ariel Zamir at Infosec Europe, he explained that while conventional security models are struggling to keep pace, organizations should focus on protecting data rather than chasing every new AI agent. In his new way of thinking about risk prioritization, Zamir emphasized that security should focus on understanding who is accessing data, why they are accessing it, and whether that access should be allowed.
Q. Why is AI becoming one of the biggest challenges facing security teams?
A. Obviously, one of the most pressing issues today is the vast adoption of AI. Everybody has AI in their minds. But adopting AI is a little bit like walking alone at night in the desert and for CISOs that's dangerous. The lions in this case are like agentic AI and AI data access. They come at your data. They all are unknown. They pretty much attack you in the dark.
Q. Then how should organizations approach this explosion of AI agents?
A. There are two possible things you can do. You can either try to count all the lions in this desert and place a transmitter in the tip of the tail of each of them. Or you can just place a large chunk of meat inside a cage somewhere in the desert. You come back in the morning. You count the traces around the cage. Then you know where the lions were.
This is kind of what we do. We look at the traces of anything that tries to access enterprise data. It's infeasible to try to enumerate every possible agent that you have there. Most of the agents are unknown. Most of the AI access is unknown.
Q. Why is visibility the foundation of AI security?
A. Every piece of data you have has a lot of security around it. You just don't have a layer that orchestrates it. We connect with the data. We look at the traces whenever someone tries to access this data. We can then get you visibility.
We tell you here's the data somebody wants to access that you didn't know about. We can then block them. We're very proactive.
You can pretty much say, “Here are my data sources, find anyone who tried to connect and block them.” And you can pretty much say that in plain English. Our tool will just go ahead and do that for you, which saves you a lot of time.
Q. How does this change the way security teams interact with security platforms?
A. Many times people ask me, “It's a great visibility tool, but how do I start?” I tell them, you don't start by going through tables. You start by explaining, in plain English, what would you like to do. Find all the data that's accessed by unknown entities.
Get your list of these entities prioritized by how risky they look. Reach out to the people who own them. You can just write that sentence in plain English. The system will go ahead and do all that for you.
Q. Defenders are often tasked with protecting an enterprise’s “crown jewels.” Has the definition of what that is changed?
A. We prioritize the crown jewels. I've been doing it for the last 10 years. What I learned is that while the concept holds, our definition of crown jewels doesn't. We were trained to think of crown jewels as your sensitive data. Your Social Security numbers. Your email addresses. These are the crown jewels. But in reality, that's not crown jewels. It's just clutter. Instead, it’s the urgency of data that is important.
Q. There’s a lot of clutter on the security side, too. Why can too much security information become a problem?
A. You just gave me 500,000 alerts. They're all true. They're all accurate. I don't care. I feel as if I'm in the control room of Three Mile Island. Everything is blinking around me. I don't know which reactor is going to melt down. My vision is cluttered by your alerts.
There were maybe 1,000 that were actually relevant and urgent. About 99% of what you had there was just garbage. I could have left it out and nothing would have happened. Zero things.
Q. How should organizations think about protecting data?
A. We started thinking about prioritizing data by how urgently you need it. Do you need it during the next month? Next six months? During the next 12 months? Do you even need this data?
Once you start thinking about data this way, everything becomes way more contained. Now you can start reacting. And we can only deal with about 1% of the problem.
Q. How can organizations make security more manageable?
A. Don't try to count the lions. We'll tell you where the rest of the lions are. We'll tell you who tries to access the minimal amount of data that you actually need.
Q. What is the biggest lesson for CISOs in the AI era?
A. New agentic AI comes out every two hours, with crazy amounts of tools. Nobody can keep up with that. We secure the data. It turns out that this solves very beautifully a set of problems, preventing data leaks by either AI or humans.
Throughout the discussion, Speaker 4 argues that the rapid rise of AI demands a fundamental shift in cybersecurity strategy. Rather than attempting to identify and manage every AI agent or emerging threat, organizations should focus on the asset that ultimately matters most: their data.
His analogy of "counting lions" versus observing their tracks captures the challenge facing security leaders today. In a world where AI agents are multiplying faster than organizations can inventory them, visibility into data access, intelligent prioritization, and proactive orchestration offer a more practical and scalable path forward. By reducing noise, focusing on truly valuable data, and leveraging AI to simplify security operations, enterprises can move from reactive defense to proactive protection in an increasingly complex digital landscape.