Databricks boosts data security with AI-powered suite
With cyberattacks becoming more sophisticated, the vendor's new set of features includes agents, AI-powered dashboards and integrations with specialists.
Databricks launched Data Intelligence for Cybersecurity, a set of features and integrations aimed at enabling customers to thwart data security threats with greater accuracy.
As many enterprises turn certain repetitive processes over to AI and expand their employees' access to data through AI tools such as chatbots and agents, their risk of exposure to cyberattacks increases if they don't have sufficient data and AI governance frameworks. Meanwhile, with AI enabling more frequent and sophisticated cyberattacks, data security is further compromised.
Data Intelligence for Cybersecurity, made generally available Sept. 30, uses AI to combat increasing data security risks due to AI, enabling Databricks customers to build agents in its Agent Bricks development environment designed to dispel cybersecurity threats. In addition, it includes real-time, AI-powered dashboards that provide insights into potential threats and lets users unify their security data to provide a single view of their organization's data landscape.
Given that the new features add security measures, they represent a significant addition for Databricks customers, according to David Menninger, an analyst at ISG Software Research.
"Cybersecurity involves massive data sets," he said. "Aggregating all the telemetry data across an enterprise's entire IT estate is a challenge. It can be expensive, plus it introduces additional latency into the threat detection and resolution process. Databricks Data Intelligence seeks to address those issues by leveraging the Databricks platform to unify cybersecurity data."
Based in San Francisco, Databricks is one of the pioneers of the data lakehouse. In recent years, like fellow data management vendors such as rival Snowflake and tech giants AWS, Google Cloud and Microsoft, the vendor has evolved to include AI development capabilities, including tools that enable customers to build and manage agents.
Protecting data
While overall malware threats are up only slightly over the past few years, from 5.4 billion in 2021 to 6.5 billion in 2024, encrypted malware attacks were up 93% in 2024 alone, suggesting rising sophistication among cybercriminals, according to Exploding Topics.
Historically, data governance frameworks have helped enterprises protect their proprietary data from cyberattacks. Such guidelines document proper use of data within an organization, simultaneously protecting the organization from data breaches and regulatory noncompliance while enabling employees to work confidentially with data. AI governance frameworks are intended to do the same with an organization's AI assets.
Cybersecurity concerns continue to grow as bad actors become more sophisticated in their attacks and as the number of devices continues to grow. Now with the advent of agents, the number of identities that must be tracked and secured is increasing dramatically as well.
David MenningerAnalyst, ISG Software Research
However, with agents and other AI applications communicating with outside sources such as large language models, and more non-technical people using data and AI tools to inform their work, data and AI governance frameworks aren't always perfect.
"Cybersecurity concerns continue to grow as bad actors become more sophisticated in their attacks and as the number of devices continues to grow," Menninger said. "Now with the advent of agents, the number of identities that must be tracked and secured is increasing dramatically as well."
Beyond the features that comprise Data Intelligence for Cybersecurity, the suite includes integrations with Databricks' security partners such as Abnormal AI, BigID, Deloitte, Obsidian Security and Varonis.
Regarding the potential efficacy of the new data security suite, the individual features in conjunction with the partnerships provide Databricks customers with a strong cybersecurity foundation, according to Menninger.
"Data Intelligence for Cybersecurity is really a 'build versus buy' decision -- or more likely a 'build and buy' decision," he said. "Databricks has recruited a reasonable ecosystem of cybersecurity partners, so enterprises can continue to work with their existing cybersecurity providers, but now they can extend that with Databricks agents."
Though heightened data security measures are necessary, in part because of the rapid rise in AI development, customer feedback helped provide Databricks with the impetus for Data Intelligence for Cybersecurity, according to Omar Khawaja, the vendor's VP and field chief information security officer. In addition, enterprises' longstanding struggle to combat cyberattacks played a role.
"We've heard from customers, partners and the industry alike that cybersecurity continues to be a data and AI problem," he said. "Enterprises are falling short in defending against increasingly advanced attacks because they're drowning in fragmented data and telemetry as well as struggling to operationalize AI in a meaningful way."
Traditionally, when fighting cyberattacks, security teams had to choose between speed and accuracy as well as context and cost, Khawaja continued. Data Intelligence for Cybersecurity aims to eliminate those tradeoffs by letting customers unite their data to better detect and respond to threats, he said.
Next steps
Looking ahead, Databricks plans to improve Data Intelligence for Cybersecurity by adding more AI-powered automation, increased agentic capabilities, stronger governance and more integrations with partners, according to Khawaja.
"Our goal is to keep pushing the boundaries of what's possible in unified, AI-driven cyber defense at scale," he said.
Adding more cybersecurity partners and integrations would be wise for Databricks as it attempts to add new customers and continue to grow, according to Menninger, who noted that not all data security vendors are included in Data Intelligence for Cybersecurity's ecosystem.
"One of the keys to expanding the user base will be to continue to expand the partner ecosystem," he said. "Enterprises have invested so much in their cybersecurity frameworks that they will be unlikely to switch platforms just to be able to take advantage of Data Intelligence for Cybersecurity."
Eric Avidon is a senior news writer for Informa TechTarget and a journalist with more than 25 years of experience. He covers analytics and data management.