Meet us at Black Hat 2026 →

Introducing a Data Loss Threat Model for the Age of AI

ORION Security's Data Loss Threat Model maps how sensitive data can move and leave an organization, from traditional DLP paths to AI-native ones like MCP and shadow AI.

Data loss has always been one of the hardest problems in enterprise security. AI assistants, autonomous agents, and connected applications drastically changed how information moves, making the problem even harder.

To help security teams navigate this new reality, we built the ORION Security Data Loss Threat Model. With our framework, security teams can map both traditional and AI-native data loss scenarios, helping them understand where sensitive data can move, how it gets there, and whether they’re prepared to stop it.

Data Loss Has Changed. The Way We Think About It Hasn’t.

Security teams used to approach data loss through a relatively straightforward model. DSPM solutions helped them flag what sensitive data existed and where it lived, while DLP products monitored the handful of ways it could leave.

Even then, true data loss prevention was never actually achieved. Traditional DLP relied on anticipating every unauthorized path data could take, and the more applications and workflows an organization adopted, the more those policies broke down. That just generated false positives while still failing to prevent loss.

Then AI changed how data moved. A developer can grant an AI assistant access to an entire codebase. A business user can connect a personal AI account to Google Drive. These interactions don’t resemble the exfiltration paths traditional DLP was built to catch.

Security teams are left relying on DSPM to know what’s sensitive, without an answer to the real question: How do you stop data from leaving as employees adopt AI?

Too often, the response is reactive: increasingly specific policies or blocking AI tools altogether.

That’s why we built a data loss threat model for today’s world.

Introducing the ORION Security Data Loss Threat Model

The ORION Security Data Loss Threat Model is designed to provide security teams with a complete view of the modern data loss landscape.

Rather than organizing threats around specific products, vendors, or technologies, the framework models how enterprise data moves. Whether the destination is a USB drive, a personal ChatGPT account, or an unapproved MCP server, every scenario is represented as a path between a trusted source and an untrusted destination.

Each exfiltration path captures a distinct pattern of data movement and answers four fundamental questions:

  • Where does the data originate?
  • Where does it leave the organization?
  • How does it get there?
  • Which security controls can detect or prevent it?

This approach makes the framework independent of today’s technology landscape, enabling it to account for evolving AI applications, collaboration platforms, SaaS products – wherever enterprise data originates and travels.

The framework models both traditional and AI-era data loss scenarios. Traditional threats include email, public sharing links, USB devices, unmanaged applications, and external collaboration platforms. Alongside them are modern AI-native scenarios, including prompt submission to shadow AI, connected enterprise repositories, AI coding assistants, MCP servers, autonomous agents, and AI-driven workflows.

Together, these scenarios provide a unified view of how sensitive enterprise data can leave an organization today.

Every exfiltration path, investigation trace, and enforcement point in our threat model is based on real-world data movement we’ve observed across enterprise environments.

While not every organization faces every threat, the framework helps security teams understand which scenarios are relevant to their environment, evaluate whether existing controls provide sufficient visibility and prevention, and identify meaningful gaps.

From Threat Categories to Exfiltration Paths

Beyond providing a general overview of data-loss paths, the framework offers detailed trace examples based on real data-loss incidents, illustrating how an incident might unfold in practice.

For each path, the model provides the scenario description, the source and destination, a representative incident example, user context, file context, a step-by-step trace of data movement, and potential enforcement points that could prevent such an incident.

The trace view adds the operational detail an investigation actually needs: which user performed the action, what data was involved, and which step in the chain created the risk.

By breaking each threat down into a concrete sequence of events, the framework turns abstract categories into practical investigative paths. Security teams can use these traces to compare the model against their own environment and ask a more operational question:

If this happened here, would we know? And could we stop it?

From Threat Modeling to Real-Time Prevention

Apart from being a way to visualize modern data loss, this framework reflects how ORION itself approaches data loss prevention.

Every trace in the model reflects the same reasoning ORION applies as data moves through an organization in real time, not just what the data is and where it’s headed, but whether that movement should be allowed at all.

Combining the content itself with the surrounding context, such as the user performing the action, the systems involved, the destination, the method of transfer, and the organization’s existing trust relationships, ORION determines whether the movement represents legitimate business activity or a potential data loss incident.

While conventional DLP attempts to prevent data loss by matching predefined rules against predefined exfiltration paths, ORION reasons about the movement itself.

The result is a fundamentally different model for prevention – one built around reasoning rather than prediction. Organizations no longer have to anticipate every possible way data might leave the business before they can stop it.

Instead, ORION evaluates each movement in its full context, enabling the safe adoption of new applications, including AI tools, while preventing sensitive data from leaving the organization when that movement becomes risky.

A New Model for a New World

Every exfiltration path, investigation trace, and enforcement point in our threat model is based on real-world data movement we’ve observed across enterprise environments. Together, they represent a practical view of how sensitive data leaves organizations today and how security teams can begin evaluating whether they’re prepared for it.

Explore the framework, identify the scenarios that matter to your organization, and ask the two questions at the heart of every trace:

If this happened here, would we know? And could we stop it?

If you’d like to understand how these scenarios map to your own environment, we’d be happy to show you.

Explore the ORION Security Data Loss Threat Model.

More articles

We can stop data exfiltration
We can stop data exfiltration
We can stop data exfiltration
We can stop data exfiltration
We can stop data exfiltration
We can stop data exfiltration
Let Us Show You How