In this episode with Stas Levitan, AI Governance Expert & Co-founder @ DeepKeep we dive deep into the wild west of AI security, shadow AI, and the real risks lurking behind your favourite GenAI tools. Stas shares hard-hitting insights on why most companies are blind to their AI usage, and how governance isn’t just about tick-box compliance — it’s about survival.

Here’s what we covered:

• AI Risk Starts Way Before You Deploy It Most think risk begins at runtime. Nope. It starts the moment you grab that model from a repo — and trust me, most are not as “safe” as they look.
• Shadow AI Is Everywhere Employees are quietly using ChatGPT, Gemini, and open-source models — often with good intentions, but zero oversight. Big risk, bigger blind spot.
• Guardrails Aren’t Optional Anymore Enterprise AI needs serious guardrails — not just generic APIs. Think AI-native tools that track, monitor, and enforce behaviour in real time.
• LLMs Don’t Forget… Ever Feed your chatbot personal data, and you might just see it pop up later — possibly in someone else’s output.
• AI Security ≠ Traditional SecurityFirewalls won’t save you here. This is about controlling model behaviour, not just access and networks. Totally different mindset needed.
• Big AI Providers = Not Enterprise-Ready The default tools don’t cut it. The second you fine-tune a model or use it with your data — you own the risk.
• EU AI Act Isn’t Just Hype — It’s Happening Risk assessments, monitoring, documentation — this isn’t optional for high-risk sectors. And no, you probably aren't ready yet.
• Step One: Get Visibility You can’t protect what you can’t see. Start by discovering what AI is actually being used in your org — you might be shocked.

It’s a frank and eye-opening conversation that every CIO, CISO, and compliance lead should hear. Tune in — and if you’re using GenAI without a plan, maybe… stop.

Stas Levitan can be contacted here

•DeepKeep official website: https://www.deepkeep.ai
•Stas Levitan LinkedIn: https://uk.linkedin.com/in/stas-levitan

The latest in Data Protection and Privacy Podcast by David Clarke
Follow me on Twitter @1davidclarke 98.6k Followers
Join Linkedin GDPR Group 30,475 Others Members for FREE
CoAuthor of an ICO certified GDPR scheme