What AWARE Spring 2026 Revealed About AI and Data Risk

A lot of AI conversations stay comfortably abstract, full of trends and predictions that never quite connect to the work security teams are doing every day. AWARE Spring 2026 was different. What came through across five sessions was something more grounded and more urgent.

Security leaders, practitioners and analysts talked candidly about what's actually happening inside their organizations right now. The challenge they kept returning to wasn't new technology or new threats. It was a clear-eyed analysis of why the existing model for data security no longer holds. And the more they dug into it, the clearer the picture became.

AI hasn't just changed the tools. It's changed the problem.

The Gap Between Seeing Risk and Stopping It Is Getting Worse

For years, the assumption was that visibility was the hard part. If you could see your data, understand where it lived and track how it moved, you could protect it. That logic made sense when data moved at human speed and lived in known places.

AI has invalidated both of those conditions. Data now moves at machine speed, generated and reshaped continuously by models, agents and automated workflows. It spreads across environments faster than any security team can track, often in forms more sensitive than the original. And the window between when risk forms and when it becomes exposure has collapsed.

Ryan Windham, CEO of Forcepoint, put the stakes plainly.

AI doesn't just increase data volume. It compresses the time between creation, exposure and impact. AI is turning every millisecond of data use into a security decision. That's why the industry needs a new model.

That last sentence is the one worth sitting with. Not a new tool. Not a new policy. A new model. The old one was built around assumptions that no longer hold: that you could pre-assign access, classify data once and enforce with static rules. All three have broken down at the same time, and most security stacks were never designed to function without them.

The gap between visibility and control isn't a gap that better dashboards will close. It requires a fundamentally different approach to how security works.

Closing the Gap Requires an Architectural Shift

Bakshi Kohli, CTO and Head of Global Engineering at Forcepoint, made this concrete with a problem that's been hiding in plain sight for years.

To decide if data is safe to leave the endpoint, you have to take it off the endpoint to inspect it. That doesn't work and is broken. So we fixed it by bringing web intelligence directly to the source, closer to the data, closer to the user.

It's a striking example of how legacy architecture creates the very exposure it's supposed to prevent. But the endpoint story is just one part of a larger shift. The deeper point Bakshi made was about what data security actually has to look like now. Not a collection of controls applied at different points in the data lifecycle, but a continuous loop that understands context, evaluates risk and adjusts as conditions change. That's the foundation of Self-Aware Data Security and the Know, Adapt, Protect framework delivered through Forcepoint Data Security Cloud.

The biggest product reveal at AWARE was ARIA, and it matters precisely because of this. ARIA isn't a policy assistant. It's an intelligence layer embedded in the platform that correlates signals across Forcepoint DSPM, DLP, DDR and other solutions, then turns those signals into enforceable protection in seconds. It's what makes the continuous loop intelligent. And it's what moves organizations from reacting to risk to staying ahead of it.

The Organizations Getting This Right Built the Foundation First

This is where the AWARE conversations got most practical. Because while the architectural shift matters, it only works if the underlying data foundation is in place. And for a lot of organizations, it isn't.

Brian Johnson, Director of IT Security at Liberty University, has spent years making the case that security doesn't have to be a blocker. His argument is that the partnership has to start early.

Security has been known to be a place where good ideas go to die. That's something I fight against every day. I want vice presidents, directors, leaders to come to security and say, hey, we're thinking about doing this. We want to partner with you.

At Liberty University, that mindset is what made it possible to operate securely at the scale of a small city, more than 100,000 students across every time zone, while still supporting the open, innovative environment the university is built on. When security is a partner rather than a gatekeeper, the business moves faster, not slower.

The flip side of that story is what happens when organizations skip the foundation and deploy AI anyway. Salah Nassar, VP of Product Marketing at Forcepoint, made the consequences impossible to minimize.

Once it consumes your data, it's gone. If you unleash an LLM internally that has access to all your data and it consumed it, you just went from a single incident of one person accidentally uploading a file to your entire server of CRM data, PII data, intellectual property gone within seconds.

A single employee sending the wrong attachment is a containable problem. An LLM with unrestricted access to everything is not. The organizations that can adopt AI confidently are the ones that did the work of understanding and classifying their data before AI arrived. Those that didn't are one prompt away from a breach they can't contain.

That's exactly the foundation Eva Klein, Chief Customer Officer at Forcepoint, described when she talked about what the customers successfully navigating this transition have in common.

Customers are building a foundation that lets them see their data, understand risk and context, enforce consistently and adapt in real time as AI use evolves.

It's a deliberate approach, not a complicated one. See your data. Understand the risk. Enforce consistently. Adapt as things change. The organizations getting this right aren't the ones with the most tools. They're the ones that connected understanding to enforcement and built the discipline to keep both current.

A New Operating Model for Data Security

That's ultimately what AWARE Spring 2026 introduced. Not a new feature set, but a new way of thinking about the problem. AI has forced a reckoning with how data security actually has to work, and the organizations that recognize that early are the ones that will be able to move fast without losing control of their data.

The full sessions go much deeper than any recap can cover. Watch all sessions on demand at Forcepoint.com/aware. And if you want to see the new model in action, check out ARIA, Forcepoint's new AI assistant, the intelligence layer that correlates risk signals across the platform and turns them into enforceable protection in seconds.