The gap between how secure organizations think their unstructured data is and how secure it actually is keeps getting wider. A new joint survey from the Cloud Security Alliance and Thales pegs that confidence at 75%, even as the same respondents admit they can’t consistently say where their unstructured data lives, who owns it or how it’s flowing through their environments. That mismatch is the real story — and it’s where most of today’s data risk is hiding.

Alan Shimel sits down with Hilary Barron, AVP of Research at CSA, and Todd Moore, VP of Data Security Products at Thales, to walk through what the numbers actually show. Nearly a third of organizations say unstructured data is driving more than half of their overall data growth. Only about a third can answer the basic question of where that data resides. And on average, security teams are running eight or nine separate visibility tools that still don’t add up to a complete picture.

They dig into why visibility, not lineage or ownership, has become the foundational problem. AI and agentic systems are now generating new unstructured data across on-premises, cloud and SaaS environments faster than most teams can classify it, which means yesterday’s coverage gaps are widening every day. Barron and Moore explain why organizations are quietly shifting their priorities toward data lifecycle management — understanding what gets created, where it sits and when it should be deleted — over more sophisticated lineage projects.

The conversation also turns the AI argument on its head. The same agentic systems making the problem worse are also the most realistic path to actually solving it, by automating discovery and classification at a scale no human team can match. The takeaway is that the organizations getting ahead are the ones treating unstructured data visibility as a foundational security discipline, not a side project.