TL;DR: Most enterprise DLP tools cannot reliably stop sensitive data from being pasted into ChatGPT because they do not inspect the browser input field where the leak actually happens, according to Cyera. The practical lesson is that AI use needs context-aware policy, not just broader blocking, because productivity pressure is now outrunning approval-based security models.
NHIMG editorial — what this means for NHI practitioners
Questions worth separating out
Q: How should security teams stop sensitive data from being pasted into ChatGPT?
A: Start by enforcing at the browser prompt, not just at file upload or network egress.
Q: Why do traditional DLP tools fail for AI chat usage?
A: Traditional DLP tools often inspect files, email, or network flows, but pasted prompts happen inside the browser input field.
Q: What do organisations get wrong about allowing employee ChatGPT use?
A: They often treat approval as a binary yes-or-no decision instead of a data-governance problem.
Practitioner guidance
- Map prompt-channel exposure paths: Identify where employees can paste regulated or proprietary data into AI chat sessions from managed devices, including personal accounts and embedded AI inside SaaS apps.
- Anchor AI policy to trusted data labels: Use the same classification taxonomy your data team already maintains for customer PII, source code, financial records, and regulated fields.
- Separate sanctioned and unmanaged AI access: Create distinct policy paths for enterprise AI tenants and consumer AI accounts on the same device.
What's in the full announcement
Cyera's full article covers the operational detail this post intentionally leaves for the source:
- Browser Shield policy examples for controlling pasted prompts in managed browsers
- How Cyera distinguishes enterprise ChatGPT sessions from personal accounts on the same device
- Examples of auto-redaction, warning, and hard-block actions by data class
- The inventory view used to map where ChatGPT is touching enterprise data
ChatGPT prompt leakage: are your DLP controls keeping up?
Explore further
Browser-prompt leakage is a governance gap, not just a DLP miss. The security issue is not merely that ChatGPT is popular. It is that data leaves a trusted environment through a browser interaction that legacy controls were never built to observe. This is a classic boundary failure between data governance and access governance, and it is most visible when organisations assume the endpoint already knows enough to decide safely. Practitioners should treat prompt submission as a controlled data-exfiltration path, not a casual user action.
A few things that frame the scale:
- 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to the AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: How do teams know whether AI prompt controls are actually working?
A: Look for whether the control is operating at the moment of prompt entry and whether it can distinguish data classes, account type, and destination. If users can still paste regulated content into personal AI sessions without warning or enforcement, the control is cosmetic rather than operational. Effective controls reduce silent leakage, not just alert volume.
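The check this answer describes, written as an added example (not code from Cyera or from this editorial): a decision function that a managed-browser extension could call at paste time, keyed on data class, account type, and destination. The detectors, policy table, host list, and function names are assumptions made for illustration.

```javascript
// Added example. Detectors, policy table and host list are constructed for
// illustration; they are not Cyera's Browser Shield or any product's rules.
const AI_DESTINATIONS = new Set(["chatgpt.com", "chat.openai.com"]); // sample list

// Luhn checksum: keeps long digit runs (order numbers, IDs) from counting as cards.
function luhnValid(candidate) {
  const digits = candidate.replace(/\D/g, "");
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Data classes; a real deployment would reuse the data team's existing taxonomy.
const DETECTORS = {
  customer_pii: { re: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g },
  payment_card: { re: /\b\d(?:[ -]?\d){12,18}\b/g, valid: luhnValid },
  secret: { re: /-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/g },
};

// Action per data class, with a separate path for each account type.
const POLICY = {
  enterprise: { customer_pii: "warn", payment_card: "redact", secret: "block" },
  personal: { customer_pii: "block", payment_card: "block", secret: "block" },
};
const SEVERITY = ["allow", "warn", "redact", "block"];

// Called with the pasted text before it reaches the prompt field.
function evaluatePaste({ text, destinationHost, accountType }) {
  if (!AI_DESTINATIONS.has(destinationHost)) return { action: "allow", classes: [], text };
  const table = POLICY[accountType] || POLICY.personal; // unknown account: strictest path
  let action = "allow", redacted = text;
  const classes = [];
  for (const [cls, { re, valid = () => true }] of Object.entries(DETECTORS)) {
    const hits = (text.match(re) || []).filter(h => valid(h));
    if (!hits.length) continue;
    classes.push(cls);
    if (SEVERITY.indexOf(table[cls]) > SEVERITY.indexOf(action)) action = table[cls];
    if (table[cls] === "redact") redacted = redacted.replace(re, h => (valid(h) ? `[REDACTED:${cls}]` : h));
  }
  // Blocked pastes submit nothing; redacted pastes submit the scrubbed text.
  return { action, classes, text: action === "block" ? "" : action === "redact" ? redacted : text };
}
```

Running the same constructed paste through both account types shows whether the control distinguishes them: identical content is redacted in the enterprise tenant and blocked in a personal session.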