Anybody who has ever run an internal pentest knows there are dozens of different ways to game-over an entire enterprise, and decisively resolving all of them in any organization running at scale is intractable. That's why it's called risk management, and not risk eradication.
Risk management is not my day job, but I'm aware of a cottage industry of enterprise services and appliances to map out, prevent and mitigate risks. Pentests are part of those, as is keeping up with trends and literature.
So on the subject of something like Recall or Copilot, what tools and policies does an IT manager have at their disposal to prevent, let's say, unintentional data exfiltration or data poisoning?
(Added later:) How do I make those less likely to happen?