Joerg Fritsch, VP Analyst at Gartner, explains that, driven by generative AI, Gartner predicts 75% of organizations will shift security spending to unstructured data by 2026. Specialized controls, expertise, and regulatory awareness are crucial.
As organizations increasingly adopt generative AI (GenAI) technologies, the spotlight is shifting toward securing unstructured data, including text, images and videos. This shift is driven by the critical role unstructured data plays in training and deploying AI models, which in turn enhances business value and innovation. However, the complexity and inconsistency in securing unstructured data pose significant challenges for organizations, especially as the volume and utility of such data continue to grow.
Adapting to New Data Security Challenges
The move to prioritize unstructured data security is expected to be a long-lasting trend, with Gartner predicting that by 2026, 75% of organizations running GenAI initiatives will reprioritize their data security efforts, shifting their spending from structured data security initiatives to unstructured data security initiatives.
As organizations pivot their focus, there will be a surge in demand for vendors specializing in unstructured data security solutions. These solutions include data classification, encryption and access control tailored specifically to unstructured data. This increased demand reflects the necessity for robust and adaptable security measures that can effectively protect the vast and varied types of unstructured data organizations now manage.
In tandem with this shift, the rising significance of unstructured data in driving business value and innovation compels organizations to develop expertise in unstructured data security. This development requires a dedicated investment in staffing, training and development, as managing the daily operation of mature controls for unstructured data cannot be simply added to existing staff responsibilities. Consequently, there will be a growing need for data security professionals who specialize in the management and protection of unstructured data.
Moreover, regulatory focus will also intensify, necessitating robust data security governance to navigate cross-border data transfer complexities. Enterprises will need to invest in data security governance (DSG) staff and controls to successfully navigate these complexities. Organizations that adapt to this shift and implement robust unstructured data security measures will gain a competitive advantage by leveraging GenAI with reduced security and compliance risks.
Strategic Steps for Enhancing Unstructured Data Security
To effectively manage the complexities of unstructured data security, organizations must take a proactive approach. Here are key steps to consider:
Invest in Specialized Controls
Organizations should prioritize investment in security controls specifically designed for unstructured data. This includes tools with advanced capabilities such as rapid data classification, entitlement management, and unclassified data redaction. Additionally, solutions that offer prompt engineering and output filtering can further enhance data security measures. By implementing these specialized controls, organizations can better protect sensitive unstructured data and mitigate potential risks.
Develop Expertise
Building a knowledgeable team is crucial for managing unstructured data security. Organizations should invest in staffing, training and development to cultivate expertise in this area. This involves hiring data security professionals with specialized skills and providing ongoing education to ensure they are equipped to handle the unique challenges associated with unstructured data. Developing this expertise will enable organizations to effectively manage data security and maintain a competitive edge.
Stay Informed About Regulations
Remaining informed about current and emerging regulations is essential for compliance and risk management. Organizations should closely monitor regulations related to privacy, data residency and the exposure of data to AI. By staying abreast of these requirements, organizations can ensure they are prepared to meet legal standards and avoid potential financial penalties. Implementing robust data security governance will further support compliance efforts and protect the organization from regulatory risks.
Additional analysis on cybersecurity and risk management will be presented during Gartner Security & Risk Management Summit taking place in India and Dubai in 2025.