Risk management is not my day job, but I'm aware of a cottage industry of enterprise services and appliances to map out, prevent and mitigate risks. Pentest are part of those as are keeping up with trends and literature.

So on the subject of something like Recall or Copilot what tools and policies does an it manager have at their disposal to prevent let's say unintentional data exfiltration or data poisoning?

(Added later:) How do I make those less likely to happen?