Asaf Kochan, President & Cofounder of Sentra, offering data security for the AI era.getty​AI assistants and co-pilots are already embedded in everyday workflows, but most organizations still don’t know what data those systems can access. That gap is significant because many traditional security approaches, including periodic data discovery scans, static access controls and signature-based DLP policies, were built for static data environments where information lived in known systems and access changed slowly. Today, data is constantly accessed, shared, copied and processed across cloud, SaaS and internal repositories, making it harder for security teams to know where sensitive data lives, who can access it and what AI systems are doing with it.AI connects directly into these environments, exposing weaknesses. They inherit existing permissions and interact with information at a scale that manual reviews were not built to handle. IBM’s Cost of a Data Breach Report found that 13% of organizations reported breaches involving AI models or applications, and 97% of those organizations lacked proper AI access controls. AI turns existing access weaknesses into active security threats.Many organizations already have data security tools in place, but they are often built on older assumptions about how data is accessed and governed. Security now has to go beyond visibility and border control alone, and toward continuous governance of data, access and usage.Here are three security practices to leave behind in the age of AI:​1. Treating Data Discovery As The End GoalData discovery is still necessary, but many organizations still approach discovery and classification as periodic projects. They scan data, produce a report and assume they understand risk. However, this approach breaks down in environments where new data stores, SaaS applications, users and AI workflows are constantly appearing and changing.A Cloud Security Alliance survey found that more than half of organizations have only partial visibility into where their data is stored, and nearly 70% report that most of their unstructured data remains unprotected. AI makes that problem harder to ignore because it can instantly expose information that previously sat ignored in a shared drive, archive or repository.Recent research has shown how easily this can happen. Simple prompt manipulation of AI agents connected to enterprise systems exposed sensitive data such as customer records and payment details. The weakness was not only the AI system itself, but the underlying data environment and permissions it relied on.Periodic discovery alone cannot keep pace with this type of environment. Security teams need continuous visibility and governance that shows where sensitive data resides, who can access it and how it is being used. The goal is to understand whether the data’s security posture, access and usage are appropriate, not simply whether the data exists.2. Managing Access Without Data ContextAccess decisions are often made without enough understanding of the data behind them. A user may have access because they belong to a certain group. A service account may retain permissions from an old workflow. An AI assistant may inherit access because it connects to an enterprise knowledge base. Each decision may have made sense at the time, but together they can create significant exposure.​Security teams often lack context around the business purpose of the data and why access is needed. File-level context, including which department owns the data, what type of information it contains and how sensitive it is, helps make access decisions more precise and less manual.Recent attacks illustrate how this plays out. In one case, compromised OAuth tokens from a third-party SaaS integration were used to access hundreds of enterprise environments. The attacker used inherited access to move through connected systems undetected. Sensitive data should remain protected regardless of how access was obtained, with posture management and activity monitoring applied at both the data layer and the perimeter.Security teams cannot stop at who has access. They need to know what data each team member, service account or AI system can reach, whether that data is sensitive, what actions it can take and whether that access still makes sense. That means connecting identity decisions to data sensitivity and enforcing least privilege based on both role and the data being accessed.3. Relying On Legacy DLP Without Accurate ClassificationTraditional data loss prevention programs were built for a more predictable data environment. They worked best when sensitive information followed familiar patterns, lived in known locations and moved through controlled channels.Sensitive data appears in unstructured documents, malformed files, collaboration tools and AI workflows that summarize, transform and combine information. Legacy DLP tools can miss this context or create noise by flagging activity that is not actually risky. Cybersecurity Insiders found that 88% of surveyed SOCs reported rising alert volume, while 76% identified alert fatigue as a top challenge.AI workflows further complicate detection because they can transform and aggregate data in ways legacy tools were never designed to follow. Accurate, granular classification has to become the foundation for enforcement. Security teams need context-aware classification that reflects how data is used across environments, including its sensitivity, business purpose, ownership and access patterns. Better context improves DLP, access governance and AI controls because every downstream decision depends on understanding what the data actually is.What’s Missing: An AI Data Readiness LayerThe three problems above share a common flaw: They treat security as static and siloed. But the deeper issue is structural. Most enterprises have invested in AI infrastructure—models, pipelines, compute—and in AI governance frameworks and guardrails. What almost none have built is a third AI data readiness pillar. That foundation starts with continuous discovery, classification and governance of the data feeding AI systems. Without it, infrastructure and policies rest on incomplete information. A misconfigured permission is no longer only a future breach risk. It can show up as an AI response surfacing the wrong content to the wrong person.Security teams need controls that work continuously across data, identity and AI systems together. Organizations that build this foundation, with continuous visibility, data-aware access control and accurate classification, will know what data AI systems can access, where exposure exists and which controls need to change before risk turns into an incident.Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?