Artificial Intelligence (AI)
Confidence in GenAI: The Zero Trust Approach
Enterprises have gone all-in on GenAI, but the more they depend on AI models, the more risks they face. Trend Vision One™ – Zero Trust Secure Access (ZTSA) – AI Service Access bridges the gap between access control and GenAI services to protect the user journey.
Organizations face four key security challenges when it comes to generative AI (GenAI) solutions. They need to make sure the ways AI gets used meet compliance requirements. They need to ensure sensitive data isn’t accidentally exposed, and that AI models themselves aren’t used to harm the organization. And they need to give network and security teams visibility into AI platforms to manage usage effectively. Trend Vision One™ – Zero Trust Secure Access (ZTSA) – AI Service Access meets these security needs by bridging the gap between access control and GenAI services to keep enterprises safe.
After the initial wave of generative AI (GenAI) adoption, enterprises are starting to think about deeper questions like, “How can we get the most value out of our AI models?” “How are those models going to change?” and, crucially, “How can we secure our organization’s use of AI?”
In a way, all three are related. AI models run on data—of which there will be about 175 zettabytes worldwide by next year. According to IDC, 80% of that data will be unstructured, a digital heap of screenshots, AI prompts, and collaboration app messages, most of which can’t be adequately identified or protected by legacy tools.
Instead of leaving that “unstructured data” unanalyzed, with no value to the organization, GenAI could ingest it and put it to use. But if no one knows what the data contains, GenAI could run the risk of exposing information that should be kept private.
Meanwhile, analysts at Gartner suggest that by 2027 more than half of the GenAI models used by enterprises will be industry-specific or tailored to a particular business function—up from about one percent in 2023. This will create new opportunities for organizations to optimize operations, boost employee productivity, and reimagine digital customer experiences. Though here comes another “but”: the more GenAI tools engage with confidential or competitively sensitive operational data, the greater the risk protected information could be leaked.
More of the risks enterprises already face
The risks around AI use of unstructured and operational data are similar to those confronting enterprises today. A company training a GenAI model to help boost gross margin, for example, must feed the model various types of corporate data. If that data isn’t classified correctly, sensitive data could be disclosed or misused when the AI generates content.
Basically, businesses adopting GenAI systems face four main security challenges:
- Visibility: Network and security operations center (SOC) teams lack visibility into AI platforms, preventing them from monitoring or controlling usage and managing the associated risks. This has a real impact on the organization’s overall security posture.
- Compliance: It can be difficult to implement company-wide policies and know who within the organization is using which AI service(s).
- Exposure: Sensitive data can be exposed accidentally by employees interacting with GenAI services or by the GenAI itself through an unauthenticated service response that results in improper data being provided to end users.
- Manipulation: Bad actors may exploit GenAI models with inputs crafted to trigger unintended actions or achieve a malicious objective (prompt injection attacks). Examples include jailbreaking/model duping, virtualization/role-playing, and sidestepping.
The zero trust approach provides an excellent framework for addressing security concerns while still allowing enterprises to take full advantage of GenAI as it evolves. ZTSA – AI Service Access makes it easy to apply by providing a cloud-native platform that protects any user accessing public or private GenAI services throughout an organization.
Closing the gap between GenAI and secure access
Trend Vision One™ ZTSA – AI Service Access enables zero trust access control for public and private GenAI services. It can monitor AI usage and inspect GenAI prompts and responses—identifying, filtering and analyzing AI content to avoid potential sensitive data leakage or unsecured outputs in public and private cloud environments.
Core capabilities of ZTSA – AI Service Access include:
- Real-time monitoring of all GenAI activities and immediate detection of AI content violations
- Centralized management of employee access to and use of GenAI
- Prompt inspection to prevent data leaks and malicious injections
- Content filtering to ensure compliance requirements are met
- Defense against large language model (LLM) attacks
Mitigate risks and maximize potential
ZTSA – AI Service Access also helps network and security administrators deal with specific GenAI system risks such as insecure plugins and extensions, supply chain attacks, and denial-of-service (DoS) attacks against AI models. By prioritizing these risks and proactively applying dynamic risk-based access control to GenAI services, security teams can enhance business resiliency.
For instance, an admin can have risk-based conditions run constantly for a selected number of users with an organization, monitoring their user risk scores continuously and enforcing access control rules to automatically block access to GenAI service(s) if needed.
ZTSA – AI Service Access also allows security teams to ensure that AI systems comply with ethical standards—for example, by monitoring and auditing LLM outputs for quality and accuracy. This is essential to transparency and accountability in security operations.
Meeting the full range of GenAI security challenges
ZTSA – AI Service Access addresses all four major challenges facing enterprises when it comes to GenAI security and supports zero trust practices.
| Security challenge | What you can do with ZTSA – AI Service Access |
|---|---|
| Visibility | Analyze and summarize access telemetry and history to monitor and secure the user journey. |
| Compliance | Benefit from holistic risk insights and apply risk-based, adaptive GenAI service access controls. |
| Exposure | Inspect GenAI prompts and responses to avoid potential sensitive data leakage and unpredicted responses. |
| Manipulation | Run advanced prompt injection detection to mitigate the risk of possible attacks from GenAI services. |
ZTSA – AI Service Access is integrated into the Trend Vision One™ cybersecurity platform for scalability and to strengthen the overall enterprise security posture while ensuring compliance and a unified user experience. With Trend Vision One, organizations can generate rich, adaptive risk and security assessments and implement zero trust architectures that align with their business goals. With ZTSA, no user or device is inherently trusted. Start your Trend Vision One™ trial today.
In the emerging AI era and against the backdrop of an evolving threat landscape, organizations of all sizes in all industries are trying to understand their risks around GenAI use. With the confidence of a zero trust approach to GenAI access control, they can embrace new capabilities and securely unlock business value.
More AI perspective from Trend
Check out these additional resources:
Protecting Consumers in the AI Era
Trend Micro Expands AI-Powered Cybersecurity Platform to Combat Accidental AI Misuse and External Abuse
AI in Cybersecurity