
Your DLP Is Watching the Wrong Doors

DLP was built for a world that’s already gone.


Email gateways. USB blockers. Cloud sync inspection. File-move alerts. Every modern data loss prevention stack is engineered to catch the patterns we worried about a decade ago, when data left the perimeter as a file, through a known channel, on a managed device.


That world is gone, and if your CISO, board, and CIO don’t realize it, you have a bigger problem.


Your data is now leaving as plain text. One paste into a browser tab. An employee on a personal device, on home Wi-Fi, asking ChatGPT to “clean up this client memo.” An associate dropping deal terms into Claude to draft a redline faster. An analyst pasting a full client list into Gemini to flag which accounts look like outliers.


None of that touches your DLP. None of it generates an alert. None of it shows up on any control map you’d hand an examiner.


In the regulated firms I assess, DLP keeps surfacing as a Critical observation, and not for the file-movement reasons most legacy programs were designed around. The real gap is the prompt-layer gap: the exfiltration channel nobody is measuring, because nobody built a tool to measure it three product cycles ago.


That gap is everywhere. Mid-market financial services has effectively zero coverage of the AI prompt channel. Not because the technology doesn’t exist (browser-isolation controls, AI gateway proxies, and prompt-layer inspection all shipped in 2024 and 2025), but because nobody is procuring it, nobody is auditing for it, and nobody is briefing the board on it. Let’s be honest: companies largely care about the revenue side of the equation far more than the security side. This is a remarkable exfiltration vector that is completely overlooked.


Here’s the part that should concern every CCO reading this. The SEC hasn’t asked yet. The SEC will. Enforcement always trails the technology curve by 18 to 24 months. Item 106 disclosures are already on the table. The first material misstatement action tied to undisclosed AI data flows will reset this entire field.


The fix isn’t a feature you bolt onto your existing DLP. It’s a category change. You need an inventory of every AI tool your employees actually use, not just the ones you’ve sanctioned. You need a control at the browser, at the network egress, or at the AI gateway. And you need an auditable record of what data moved through prompts, the same way you have one for what data moved through email.
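What an egress-side prompt-layer control looks like in practice, covering the three requirements above (inventory of AI tools actually in use, a control at the network egress or AI gateway, and an auditable record of what moved through prompts) and the paste-into-a-browser-tab scenario described earlier. This is an added illustration, not code from the original post or from any vendor product: the request records, the endpoint list, the chat-style JSON body format, and the sensitive-content patterns are all constructed for the example and would be replaced by the firm’s own proxy feed, sanctioned-tool register, and classifiers.

```python
"""Prompt-layer inspection at the egress proxy (illustrative, constructed data)."""
import hashlib
import json
import re
from typing import Optional

# Hypothetical register of generative-AI hosts and whether the firm sanctioned them.
# In production this comes from the AI-tool inventory, not a hard-coded dict.
AI_ENDPOINTS = {
    "api.openai.com": "sanctioned",
    "chatgpt.com": "unsanctioned",
    "claude.ai": "unsanctioned",
    "gemini.google.com": "unsanctioned",
}

# Constructed detectors for the kinds of content the post mentions: client lists,
# account identifiers, contact details and deal terms. Real deployments would use
# the same classifiers already applied to the email DLP channel.
SENSITIVE_PATTERNS = {
    "account_number": re.compile(r"\b\d{8,12}\b"),
    "email_address": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),
    "deal_terms": re.compile(r"\b(purchase price|earn-?out|indemnif\w+|escrow)\b", re.I),
    "client_list": re.compile(r"\b(client|account) list\b", re.I),
}


def extract_prompt_text(body: str) -> str:
    """Pull user-authored text out of an assumed chat-style JSON body.

    Looks for {"messages": [{"role": "user", "content": ...}]} or {"prompt": ...};
    anything else (non-JSON, unknown shape) is inspected as raw text.
    """
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return body
    parts = [str(m.get("content", "")) for m in data.get("messages", [])
             if m.get("role") == "user"]
    if "prompt" in data:
        parts.append(str(data["prompt"]))
    return "\n".join(parts) if parts else body


def inspect_request(rec: dict) -> Optional[dict]:
    """Return an audit record for a request to an AI host, or None for other traffic."""
    host = rec["host"]
    if host not in AI_ENDPOINTS:
        return None
    text = extract_prompt_text(rec["body"])
    findings = {name: len(p.findall(text))
                for name, p in SENSITIVE_PATTERNS.items() if p.search(text)}
    status = AI_ENDPOINTS[host]
    # Policy: sensitive content to an unsanctioned tool is blocked; sensitive content
    # to a sanctioned tool is allowed but flagged for review; everything else passes
    # but is still recorded so the inventory reflects real usage.
    if findings and status == "unsanctioned":
        action = "block"
    elif findings:
        action = "flag"
    else:
        action = "allow"
    # The audit record keeps a hash and category counts, not the prompt text itself,
    # so the log can be handed to an examiner without becoming a second copy of the data.
    return {
        "ts": rec["ts"], "user": rec["user"], "managed_device": rec["managed_device"],
        "host": host, "status": status,
        "prompt_sha256": hashlib.sha256(text.encode()).hexdigest(),
        "prompt_chars": len(text), "findings": findings, "action": action,
    }


def build_inventory(audits: list) -> dict:
    """Which AI hosts are actually in use, by whom, and whether they are sanctioned."""
    inv: dict = {}
    for a in audits:
        entry = inv.setdefault(a["host"], {"status": a["status"], "users": set(), "requests": 0})
        entry["users"].add(a["user"])
        entry["requests"] += 1
    return {h: {**e, "users": sorted(e["users"])} for h, e in inv.items()}


# Constructed egress records mirroring the post's scenarios (memo clean-up, redline,
# outlier analysis on a client list), plus one internal request that is not AI traffic.
SAMPLE_REQUESTS = [
    {"ts": "2025-06-02T09:14:00Z", "user": "asmith", "managed_device": False, "host": "chatgpt.com",
     "body": json.dumps({"messages": [{"role": "user", "content":
        "Clean up this client memo: Acme Holdings, account 123456789012, contact j.doe@acme.example"}]})},
    {"ts": "2025-06-02T09:20:00Z", "user": "bjones", "managed_device": True, "host": "claude.ai",
     "body": json.dumps({"prompt": "Draft a redline: purchase price $40M, escrow 10%, indemnification cap 15%"})},
    {"ts": "2025-06-02T09:31:00Z", "user": "clee", "managed_device": True, "host": "api.openai.com",
     "body": json.dumps({"messages": [{"role": "user", "content":
        "Which of these accounts look like outliers? Full client list attached: Northwind 40012345678, Contoso 40098765432"}]})},
    {"ts": "2025-06-02T09:45:00Z", "user": "dkim", "managed_device": False, "host": "gemini.google.com",
     "body": json.dumps({"prompt": "Summarize the weather forecast for Boston this weekend"})},
    {"ts": "2025-06-02T09:50:00Z", "user": "asmith", "managed_device": True, "host": "crm.example.internal",
     "body": "{\"query\": \"open opportunities\"}"},
]


def run(records: list = SAMPLE_REQUESTS):
    """Inspect every record; return (audit records, AI-tool inventory)."""
    audits = [a for a in (inspect_request(r) for r in records) if a is not None]
    return audits, build_inventory(audits)


if __name__ == "__main__":
    audit_log, inventory = run()
    for a in audit_log:
        print(a["action"].upper(), a["user"], a["host"], a["findings"])
    print(json.dumps(inventory, indent=2))
```

The point of the example is where the control sits: none of these requests moves a file, touches USB, or passes an email gateway, so a legacy stack sees nothing, while a proxy or AI gateway that can see the request body sees all of it. The same inspection produces the two artifacts the post asks for at once: the inventory (including the unsanctioned tools people actually use) and a prompt-level audit trail that records what categories of data moved without retaining the data itself.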


If your current DLP report doesn’t include the word “prompt” anywhere in it, your DLP report is incomplete and badly out of date.

Timcke Risk Management, LLC

660 Massachusetts Ave

6th Floor, Boston, MA 02118

 

© 2025 by Timcke Risk Management, LLC