Official video & related videos [AI security for enterprises: avoid YOLO mode and the fear trap]
Enterprise AI security doesn't have to mean choosing between risk and results.
Most enterprises fall into one of two traps when it comes to AI security. The first: paralysis. Companies so worried about the implications of AI that they opt out entirely and fall behind. The second: recklessness — organizations so eager to adopt AI that they skip the governance, permissions, and protections that keep sensitive data safe. Call it YOLO mode.
Neither approach works. The good news: you don't have to choose between them.
In this video, we break down the real questions enterprises need to ask before deploying AI, and specifically before deploying AI agents, which introduce a distinct and often underestimated layer of security complexity.
What you'll learn:
When evaluating any AI vendor or partner, three criteria matter most. First, do you trust this company with your data? Second, do you have a contract with them, with specific terms they've agreed to? Third, as a bonus signal of maturity: do they hold compliance certifications that cover how their AI actually works?
On the agent side, the risks are more nuanced. Agents don't keep secrets well. That means three things need to be true before you deploy them at scale:
→ Permission structures: Are your agents operating only on the content they're authorized to access? If an agent can reach data a human couldn't, that's a gap.
→ Prompt injection protections: What happens if someone tries to trick the agent, through a malicious prompt or untrusted data fed into its context? This is one of the most active attack surfaces in enterprise AI right now, and most organizations aren't ready for it.
→ Action guardrails: What can the agent actually do? Agents that can take actions (sending emails, modifying files, triggering workflows) need hard limits on what those actions are and when they can be taken.
Get all three right, and you can move forward with AI confidently: unlocking real productivity gains for your teams while keeping your most sensitive content protected.
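As an added example (not code from the video or from Box), here is how the first and third controls above, permission structures and action guardrails, translate into a small Python gateway that every agent tool call passes through: the agent can never read more than the user it acts for, its actions are capped by a per-agent allowlist, and each action carries its own hard limit (internal recipients only, explicit confirmation before sending). The ACL, agent policy, document names and INTERNAL_DOMAIN are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample ACL: which users may read which documents.
DOC_ACL = {
    "q3-forecast.xlsx": {"alice"},
    "handbook.pdf": {"alice", "bob"},
}

# Constructed per-agent action allowlist: an agent may only run what is listed.
AGENT_POLICY = {
    "summarizer": {"read_doc"},
    "assistant": {"read_doc", "send_email"},
}

INTERNAL_DOMAIN = "example.com"  # assumed: outbound mail limited to this domain


@dataclass
class Decision:
    allowed: bool
    reason: str


def authorize(agent: str, acting_user: str, action: str, **params) -> Decision:
    """Decide whether `agent`, acting on behalf of `acting_user`, may run `action`.

    Permission structure: the agent inherits the user's rights and nothing more.
    Action guardrail: the agent's allowlist caps *what* it can do, and each
    action carries a hard limit on *when* it may be taken.
    """
    if action not in AGENT_POLICY.get(agent, set()):
        return Decision(False, f"{agent} is not allowed to {action}")

    if action == "read_doc":
        doc = params["doc"]
        # Deny if the human the agent works for could not read this document.
        if acting_user not in DOC_ACL.get(doc, set()):
            return Decision(False, f"{acting_user} cannot read {doc}")
        return Decision(True, f"read of {doc} within {acting_user}'s permissions")

    if action == "send_email":
        to = params["to"]
        if not to.endswith("@" + INTERNAL_DOMAIN):
            return Decision(False, f"external recipient {to} blocked")
        # High-impact action: require an explicit user confirmation, so that
        # instructions smuggled into retrieved content cannot trigger it alone.
        if not params.get("confirmed", False):
            return Decision(False, "send_email requires user confirmation")
        return Decision(True, f"internal email to {to} allowed")

    return Decision(False, f"no guardrail defined for {action}")
```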
FAQs:
Q: What are the two biggest mistakes enterprises make with AI security? A: Being so cautious they avoid AI entirely, or being so eager to adopt AI that they skip governance and protections — what Ben calls "YOLO mode." Both create risk.
Q: What should I look for when choosing an AI vendor? A: Three things: (1) Do you trust them with your data? (2) Do you have a contract with specific agreed terms? (3) Do they hold compliance certifications covering how their AI works?
Q: Why are AI agents a special security concern? A: Agents don't keep secrets well. They can access, act on, and potentially expose data in ways that require specific controls (permission structures, prompt injection protections, and action guardrails) that standard AI tools don't always require.
Q: What is prompt injection and why does it matter for enterprise AI? A: Prompt injection is when someone tries to manipulate an AI agent by feeding it malicious instructions through untrusted data or crafted inputs. It's one of the most active attack surfaces in enterprise AI deployments today.
Q: What are action guardrails for AI agents? A: Guardrails are controls that limit what an AI agent can actually do, for example, restricting which files it can modify, which workflows it can trigger, or which systems it can interact with. Without them, agents can take unintended or harmful actions.