TBW ADVISORS LLC

Tag: AnswerRocket

  • Whisper Report: What’s the next data breach our industry isn’t ready to handle?

    Whisper Report: What’s the next data breach our industry isn’t ready to handle?

    Published to clients: January 6, 2026                     ID: TBW2123

    Published to Readers: January 7, 2026

    Public: May 4, 2026

    Analyst(s): Dr. Doreen Galli

    Photojournalist(s): Dr. Doreen Galli

    Abstract:

    “This Whisper Report investigates the next data breach our industry isn’t ready to handle. It captures urgent insights from Put Data First revealing how emerging threats are reshaping risk landscapes. These include AI pipeline compromises, indirect prompt injections, company chat exfiltration, and deep fake-driven social engineering. Expert perspectives explain why traditional defenses fail. The report urges proactive strategies to secure data integrity across every stage of AI-driven operations before vulnerabilities escalate.”

    Target Audience Titles:

    • Chief Executive Officer, Chief Information Officer, Chief Technology Officer, Chief Data Officer, Chief Security Officer, Head of Data Strategy, Head of Information Security
    • Director of Cybersecurity, Director of AI Operations, Director of Risk Management, Director Data Governance Manager, Enterprise Architect
    • Data Scientist, Machine Learning Engineer, Cybersecurity Analyst, AI Operations Specialist, Risk Analyst, Cloud Security Engineer, Threat Intelligence Analyst

    Key Takeaways:

    • AI pipelines are vulnerable at every stage, requiring continuous protection of training data and outputs.
    • Indirect prompt injections can manipulate AI agents through unvalidated web content, creating hidden security risks.
    • Company AI chat data is a high-value target for exfiltration, exposing sensitive organizational insights.
    • Deep fakes amplify social engineering attacks, eroding trust and enabling data breaches through deception.

    What’s the next data breach our industry isn’t ready to handle?

    We took the most frequently asked and most urgent technology questions straight to the data and AI experts gathering at the Put Data First’s Inaugural event held at Planet Hollywood in Las Vegas. This Whisper Report addresses the question regarding the biggest AI risk no one in your organization is talking about as depicted in Figure 1.

    Figure 1. Prepare NOW for these Four Data Breaches

     

    1.      AI Pipeline Compromise

    Our first area to defend, was suggested by SafeBreach’s Hudney Piquant. “The AI pipeline I like to call it. It’s the pipeline of the data that you are the training data that you have and then your prompting that you’re doing and then the output like those three things I believe that that’s going to be the biggest breach that the adversaries will be looking at because if you’re able to really manipulate those things it’s going to affect the pipeline from a scalability perspective.” Hudney raises an important point that data needs to be always protected, every step of the way on its journey. For more research on how to protect data during execution see Industry Whispers: Public is Private -Confidential Computing in the Cloud.

    2.      Indirect Prompt Injections

    The next attack vector, brought by Mend.io’s Amit Chita, is subtle and exploits GenAI. “Indirect prompt injections. All the web contains websites. We take AI agents, we connect them to get information from these websites, but we don’t validate that it that this website doesn’t contain prompt injections within them. and they can manipulate our agents as they surf through the web. I think this is going to be one of the major issues that we’re going to deal with in the next coming weeks.” One may want to be careful where you let your agents roam!

    3.      Company Chat Exfiltration

    Our third attack vector is an insider and SaaS risk with significant exposure potential, highlighted by AnswerRocket’s Shanti Greene. “Exfiltrating company AI chats. So, the organizers like Open AI have done a good job of giving you a sandbox for your company to work within and they’re not training on your data. But being able to exfiltrate a company’s specific use and see what they’re prompting with could be interesting. There’s probably some interesting gold in that data.”

    4.      Deep Fakes

    Our final area of concern may not be a direct data breach but rather is a tool frequently leveraged to breach data and trust and is brought to us by The Agentic Manager’s Neil W. Smith. “The implications of deep fakes. We’re already used to AI being used for fishing expeditions, for extracting information from our databases. But what we don’t realize as humans is that we trust other humans to play by the rules more often than not. However, with deep fakes, both voice fakes, visual fakes, and context fakes, I think more and more humans are going to be fooled by the efficacy of deep fakes.” And the more humans that are fooled, the more systems can be compromised. Despite how widely discussed this topic is, deep fakes remain underestimated for their use in fraud and as a social engineering threat.

    Related playlists and Publication

    1. Whisper Report: What’s the biggest AI risk no one in your org is talking about?
    2. Whisper Report: What’s the next data breach our industry isn’t ready to handle?
    3. Whisper Report:  If you could make one data rule enforceable tomorrow, what is it?
    4. Whisper Report: What’s the best part about attending Put Data First live in Vegas?
    5. Industry Whispers: Public is Private -Confidential Computing in the Cloud.

    Corporate Headquarters

    2884 Grand Helios Way

    Henderson, NV 89052

    ©2019-2026 TBW Advisors LLC. All rights reserved. TBW, Technical Business Whispers, Fact-based research and Advisory, Conference Whispers, Industry Whispers, Email Whispers, The Answer is always in the Whispers, Whisper Reports, Whisper Studies, Whisper Ranking, Whisper Club, Whispers, The Answer is always in the Whispers, Vegas Convention Library, and One Change a Month, are trademarks or registered trademarks of TBW Advisors LLC. This publication may not be reproduced or distributed in any form without TBW’s prior written permission. It consists of the opinions of TBW’s research organization which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, TBW disclaims all warranties as to the accuracy, completeness or adequacy of such information. TBW does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by the TBW Usage Policy. TBW research is produced independently by its research organization without influence or input from a third party. For further information, see Fact-based research publications on our website for more details.

  • Conference Whispers: Put Data First 2025

    Conference Whispers: Put Data First 2025

    Las Vegas, NV October 27- October 29

    Published to clients: November 3, 2025                          ID: TBW2121

    Published to readers: November 4, 2025 am                    

    Published to Email Whispers: November 4, 2025

    Public with video edition: November 5, 2025

    Analyst(s): Dr. Doreen Galli

    Photojournalist(s): Dr. Doreen Galli

    Abstract

    Put Data First’s Inaugural event brought together a few hundred ranging from deep learning AI experts and data enthusiasts for in-depth, detailed conversations. Sponsoring vendors had demonstrations on-site to enable tangibility to their product capabilities. The event featured 23 round tables as opposed to keynotes and speakers providing an intellectually satisfying and successful networking experience for those involved.

    Coverage on Computer Talk Radio

    The Conference

    • The inaugural Put Data First made an impressive splash featuring AI experts with a long-standing track record in deep learning. This led to deep and insightful conversations by all.
    • Featuring 23 round tables, vendors at the show were prepared to show product demonstrations to attendees.

    Cautions

    • Friendly reminder: this research provides examples of what was shared with us at the event, not an evaluation, validation, or recommendation of the given technology.

    Conference Vibe

    After 3,000 steps, 30 videos, over 30 minutes of content including demos and a livestream, and a handful of fact checks, our coverage of the inaugural Put Data First held at Planet Hollywood in Las Vegas closes. Registration was easy to find once inside the conference section of Planet Hollywood. Rather than endless keynote speakers, this event featured approximately 23 round tables. In addition, vendors had demonstrations so one could tangibly understand the products. What I enjoyed most was the fact that the event was full of those with deep expertise in deep learning leading to deep conversations about the state and future of various forms of AI in our enterprises and society at large. Enjoy the walkabout of the conference space.

    We once again live streamed from on site. On Tuesday requesting those attending to find me to answer Questions 1-3, to introduce all to TBW Advisors LLC, and requesting assistance. Specifically, I requested assistance on your favorite videos for my segment on the November 14th broadcast edition of Computer Talk Radio.

    While at Put Data First 2025, we conducted research for three additional forthcoming Whisper Reports for our clients. The playlists are unlisted but available and will eventually fill in with the video version of the report so you may wish to bookmark these playlists.

    1. Whisper Report: What’s the biggest AI risk no one in your org is talking about?
    2. Whisper Report: What’s the next data breach our industry isn’t ready to handle?
    3. Whisper Report:  If you could make one data rule enforceable tomorrow, what is it?
    4. Whisper Report: What’s the best part about attending Put Data First live in Vegas?

    Readers and viewers wishing to experience the entire event are encouraged to view the Conference Whispers: Put Data First Playlist in its entirety. The playlist will be sited in the end screen, description, and as a pinned comment of the video edition.

    The video edition will conclude with gratitude towards those that contributed and a montage of responses to Question 4, “What’s the best part about attending the combination event live in Vegas?”

    Vendors and Demos

    As mentioned earlier, Put Data First vendors didn’t just show up, but showed up with demonstrations many of which we were able to capture. Kicking things off as many do with an Agentic Workshop for your leadership teams to get your organization on the right path. Led by established AI author, Neil W. Smith, his demonstrations were live conversations with those that attended and at the round tables.

    Putting data first, we will start with Mend.io whose platform can secure you application data. The demonstration shows how they help organizations pull back the shadows hiding what AI platforms are being leveraged withing their organizations. The platform monitors vulnerabilities in agentic and generative systems and tests them to ensure resilience against both known and emerging threats.

    If you are seeking to secure you environment, above and beyond and including the latest threats? SafeBreach shared the details of their breach and attack platform. During their demonstration, their shared how one could drill into the various aspects of the score to identify the exact weakness to address. Not only were automated updated possible, but one could simulate a red team or blue team against their environment.

    Enjoying all the newest forms of AI and convinced you want your own enterprise agentic solution? Lucky for you AnswerRocket was their to answer your need. If you have never seen or thought of the enterprise use case for the power of agentic AI, do enjoy their demo of its power.

    Finally, and perhaps the star of the show, are you tired of your generative models hallucinating? Interested in a fact-based model? Well established deep-learning expert Herb Roitblat, Ph.D. was there to share Reliath AI. The demonstration of his fact-based system quickly reveal the differences behind his straight forward concept. Answer based on building up from known facts. I look forward to watching how fast and far they can run and to discover where it shines most.

    Either way, fact-based models will be a critical model type to leverage in solutions that must be relied upon. Experienced AI solution developers know it’s not about a single model. The product/end result is about how a combination of models, methods, and agents are orchestrated to deliver the desired customer experience and required business outcomes that matter most.

    If you are embarking on any type of data journey, be sure to schedule your inquiry with your TBW Advisors LLC analysts. You can leverage our first-hand experience through-out your transformation and future proofing processes.

    Next Year’s Conference

    We do not have exact dates for Put Data First 2026 at the time of publication; however, it is scheduled to be mid-to-late July 2026 in Las Vegas.

    *When vendors’ names are shared as examples in this document, it is to provide a concrete example of what was on display at the conference, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document. Other examples products in the same category may have also been on display.

    TBW Advisors LLC Logo

    Corporate Headquarters

    2884 Grand Helios Way

    Henderson, NV 89052

    ©2019-2025 TBW Advisors LLC. All rights reserved. TBW, Technical Business Whispers, Fact-based research and Advisory, Conference Whispers, Industry Whispers, Email Whispers, The Answer is always in the Whispers, Whisper Reports, Whisper Studies, Whisper Ranking, The Answer is always in the Whispers, and One Change a Month, are trademarks or registered trademarks of TBW Advisors LLC. This publication may not be reproduced or distributed in any form without TBW’s prior written permission. It consists of the opinions of TBW’s research organization which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, TBW disclaims all warranties as to the accuracy, completeness or adequacy of such information. TBW does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by the TBW Usage Policy. TBW research is produced independently by its research organization without influence or input from a third party. For further information, see Fact-based research publications on our website for more details.