The cybersecurity landscape is undergoing a profound transformation, driven at its core by the rapid evolution of artificial intelligence (AI) and the dynamic nature of modern data flows. Jonathan Roizin, CEO of Flow Security—now part of CrowdStrike—offers a candid perspective on this shift, emphasizing that traditional notions of data security must be fundamentally reconsidered. Organizations face a reality where data does not reside statically within defined perimeters but is continuously moving across cloud services, SaaS platforms, and APIs. This evolution challenges long-standing defense models and calls for innovative approaches powered by AI.
Roizin underscores a pivotal shift from the classical perimeter-based security model to one centered on "data in motion." Historically, cybersecurity strategies hinged on securing endpoints and internal networks, under the assumption that data could be confined within organizational boundaries and safeguarded by controlling access points. However, with the migration to cloud environments like AWS, Microsoft Azure, and Google Cloud, and the adoption of over 130 SaaS applications per organization on average, static perimeters have dissolved. According to Gartner’s projections, by 2025, 85% of organizations will primarily operate in cloud-based environments, rendering perimeter-focused data protection ineffective.
This dispersion of data increases organizational exposure and complexity. The traditional Data Leakage Prevention (DLP) tools, initially designed to lock down endpoints and networks, are now inadequate as the "boundaries have been broken." Data security must be reimagined in a context where information constantly flows externally and internally, across a kaleidoscope of platforms.
On the other hand, AI offers transformative possibilities for defense. Flow Security employs AI-driven automation to provide continuous, real-time classification and monitoring of sensitive data flows. Unlike static or rule-based systems, AI allows for dynamic context-aware protection, proactively intervening as data moves and evolves. This marks a philosophical departure from passive alerting toward active prevention — security teams must not only detect risks but neutralize them before breaches occur.
Jonathan Roizin’s vision aligns with this future: security tools must evolve from mere observability to prevention mechanisms. They should operate like intelligent guardians at every point data travels, equipped with AI’s capacity to adapt and respond faster than traditional manual processes allow.
Moreover, the convergence of cloud adoption and AI-driven workflows means organizations must rethink their overall cybersecurity architecture. This involves investing in hybrid solutions that protect hybrid environments, integrating AI-powered monitoring across cloud and on-premises systems, and embedding security deeply in development and operational practices.
Organizations that successfully harness AI-driven real-time interventions—anchored in the reality that "you don’t even know what you don’t know"—will gain a decisive edge. This paradigm shift demands embracing dynamic, context-aware security architectures that move with the flow of data rather than attempting to stifle it within rigid borders.
As cybersecurity enters this new phase defined by fluidity, interconnectedness, and AI-enhanced vigilance, the future belongs to those who act decisively, innovate relentlessly, and embed resilience at every layer of their digital ecosystem.
By rethinking data security strategies to address these fundamental shifts, organizations can transform uncertainty and complexity into opportunities for robust protection and sustained trust in the digital age.
This analysis integrates Jonathan Roizin’s expert perspective with broader cybersecurity trends and practical recommendations, underscoring the urgent need to evolve beyond outdated security paradigms to AI-driven, proactive data protection in a cloud-first world .
Source: פורבס ישראל "Threats are fundamentally shifting – you don’t even know, what you don’t know, you don’t know": 1on1 with Flow Security CEO Jonathan Roizin - Forbes Israel
The New Reality: Data in Motion and Fluid Boundaries
Roizin underscores a pivotal shift from the classical perimeter-based security model to one centered on "data in motion." Historically, cybersecurity strategies hinged on securing endpoints and internal networks, under the assumption that data could be confined within organizational boundaries and safeguarded by controlling access points. However, with the migration to cloud environments like AWS, Microsoft Azure, and Google Cloud, and the adoption of over 130 SaaS applications per organization on average, static perimeters have dissolved. According to Gartner’s projections, by 2025, 85% of organizations will primarily operate in cloud-based environments, rendering perimeter-focused data protection ineffective.This dispersion of data increases organizational exposure and complexity. The traditional Data Leakage Prevention (DLP) tools, initially designed to lock down endpoints and networks, are now inadequate as the "boundaries have been broken." Data security must be reimagined in a context where information constantly flows externally and internally, across a kaleidoscope of platforms.
The Escalating Stakes: Cost and Complexity of Data Breaches
The gravity of evolving cyber threats is substantiated by escalating financial impact. IBM’s 2023 Cost of a Data Breach Report records an unparalleled average breach cost of $4.45 million. This record high illustrates not only the severity of incidents but also hints at the intricate complexity that organizations must navigate. The fragmentation of data across cloud apps and platforms complicates monitoring and protection, demanding adaptive responses rather than static defense postures.Artificial Intelligence: Double-Edged Sword in Cybersecurity
AI is at the heart of this transformation — but it is a double-edged sword. On one hand, adversaries harness AI to develop sophisticated attack vectors: phishing attacks powered by generative AI increased by over 2,000%, leveraging GPT technologies for highly authentic and persuasive communication. These newer threats evade conventional defenses by mimicking legitimate interactions and exploiting trusted communication channels, making detection painstakingly difficult.On the other hand, AI offers transformative possibilities for defense. Flow Security employs AI-driven automation to provide continuous, real-time classification and monitoring of sensitive data flows. Unlike static or rule-based systems, AI allows for dynamic context-aware protection, proactively intervening as data moves and evolves. This marks a philosophical departure from passive alerting toward active prevention — security teams must not only detect risks but neutralize them before breaches occur.
Toward Proactive, Real-Time Security Interventions
This shift from passive to proactive security is critical given current operational challenges plaguing security teams, such as overwhelming false positives and alert fatigue. AI-enhanced techniques promise high accuracy in understanding the context of activity, cutting through noise and enabling precise, targeted interventions. Such an approach aligns with the broader industry movement toward integrating AI-human hybrid models where automation amplifies human expertise rather than replacing it.Jonathan Roizin’s vision aligns with this future: security tools must evolve from mere observability to prevention mechanisms. They should operate like intelligent guardians at every point data travels, equipped with AI’s capacity to adapt and respond faster than traditional manual processes allow.
Broader Implications and Industry Trends
The challenges Roizin discusses are consistent with other findings across cybersecurity forums and industry reports. Phishing techniques have grown more advanced, employing compromised cloud services as attack vectors, eluding traditional detection, and exploiting identity as the new perimeter. AI’s role in both attack and defense is central, as attackers automate spear phishing and influence campaigns, while defenders deploy AI-based behavior recognition and automated remediation.Moreover, the convergence of cloud adoption and AI-driven workflows means organizations must rethink their overall cybersecurity architecture. This involves investing in hybrid solutions that protect hybrid environments, integrating AI-powered monitoring across cloud and on-premises systems, and embedding security deeply in development and operational practices.
Recommendations for Organizations and Windows Users
For organizations, adapting to this new security paradigm requires several decisive steps:- Embrace AI-Driven Security Solutions: Adopt tools that provide real-time, automated data classification and protection, moving beyond rule-based restrictions.
- Transition to Zero Trust and Identity-Centric Models: Since perimeter boundaries are eroding, verify every data access request dynamically, applying continuous risk assessment.
- Implement Layered, Adaptive Defenses: Combine cloud security, endpoint protection, behavior-based anomaly detection, and AI-powered threat hunting to build a resilient posture.
- Prioritize Continuous Security Awareness: Educate employees frequently about emerging phishing tactics and risks associated with AI misuse, as human factors remain critical.
- Keep systems updated with the latest security patches.
- Use phishing-resistant multi-factor authentication, such as hardware tokens or biometrics.
- Regularly review access permissions and audit unusual account activity.
- Stay informed via trusted community forums and cybersecurity resources.
Conclusion: A Call to Action in the AI-Driven Cybersecurity Era
Jonathan Roizin’s insights crystallize a fundamental truth in today’s cybersecurity landscape: the era of static, perimeter-bound data security is over. Threats are evolving in complexity and velocity, outpacing conventional defenses while simultaneously catalyzing breakthrough opportunities through AI.Organizations that successfully harness AI-driven real-time interventions—anchored in the reality that "you don’t even know what you don’t know"—will gain a decisive edge. This paradigm shift demands embracing dynamic, context-aware security architectures that move with the flow of data rather than attempting to stifle it within rigid borders.
As cybersecurity enters this new phase defined by fluidity, interconnectedness, and AI-enhanced vigilance, the future belongs to those who act decisively, innovate relentlessly, and embed resilience at every layer of their digital ecosystem.
By rethinking data security strategies to address these fundamental shifts, organizations can transform uncertainty and complexity into opportunities for robust protection and sustained trust in the digital age.
This analysis integrates Jonathan Roizin’s expert perspective with broader cybersecurity trends and practical recommendations, underscoring the urgent need to evolve beyond outdated security paradigms to AI-driven, proactive data protection in a cloud-first world .
Source: פורבס ישראל "Threats are fundamentally shifting – you don’t even know, what you don’t know, you don’t know": 1on1 with Flow Security CEO Jonathan Roizin - Forbes Israel
