THALES BLOG

Elevating Data Security in AI and Analytics Workloads: Thales and Databricks

September 9, 2025

Aamir Sardar | Director Alliances, Thales CSP

A few years ago, I was part of a team rolling out a new company-wide analytics dashboard. We’d spent months preparing—integrating multiple data sources, cleaning up messy datasets, designing sleek visualizations. On launch day, everything looked perfect… until someone noticed that a data feed from one of our financial systems wasn’t properly restricted. Sensitive figures that should have been visible only to a select few executives were now accessible to every department manager.

It wasn’t malicious—just a missed security control during the integration process. But suddenly, what was meant to be a proud milestone became a scramble: pulling access, issuing internal advisories, and reassuring leadership. The dashboard eventually recovered, but the damage to trust lingered far longer. That experience drove home a lesson: no matter how advanced your AI or analytics platform is, its value can evaporate instantly if you don’t have airtight control over sensitive data.

Confidence for AI and Analytics: Security Built In

AI and analytics have become essential to how organizations operate, innovate, and compete. As data volumes surge and cloud environments grow more complex, protecting sensitive information has never been more challenging—or more critical.

According to the 2025 Thales Data Threat Report, 69% of organizations view the rapid growth of AI ecosystems as their top AI-related security concern, and 73% are investing in AI-specific security tools. As AI adoption accelerates, 14% of organizations have experienced a data breach in the past year, highlighting the growing importance of data security. Even more alarming, almost 1 in 4 organizations aren’t confident about where all their sensitive data is stored.

These numbers paint a clear picture: as organizations expand their AI and analytics capabilities, data security, privacy, and sovereignty must also grow in tandem. And while GenAI is intensifying the focus on data security, hasty implementations raise the risk of data breaches. Because GenAI architectures are new for most security teams, prioritizing data security efforts is crucial.

That’s why Thales and Databricks have teamed up to offer a strong, integrated solution—one that helps organizations unlock the full potential of their data while keeping it safe, compliant, and under control.

Meeting the Challenge with Thales and Databricks

Databricks is redefining how enterprises unlock value from data and AI, powering innovation for over 15,000 organizations worldwide—including over 60% of the Fortune 500. The Databricks Data Intelligence Platform unifies data, analytics, and AI in an open, governed environment, empowering teams to collaborate seamlessly and make data-driven decisions at scale. As organizations expand their use of sensitive data to accelerate business outcomes, responsibly managing privacy, protection, and compliance is critical.

To help customers protect their data wherever it lives, Thales and Databricks have partnered to deliver enhanced data security, privacy, and compliance without compromising performance.

At the heart of this partnership is the Thales CipherTrust Data Security Platform (CDSP), which integrates seamlessly with the Databricks Data Intelligence Platform to deliver centralized encryption, tokenization, advanced key management, and data protection capabilities across hybrid and multicloud environments.

A Closer Look at the Integration

Through this integration, Thales CDSP provides Databricks customers with several enhanced security and data protection measures for their Databricks deployments, including:

  • Bring Your Own Encryption (BYOE): Apply strong encryption, tokenization, masking, and redaction to sensitive data types, such as PII, financial records, or national IDs, within Databricks environments.
  • Bring Your Own Key (BYOK) & Hold Your Own Key (HYOK): Maintain control over your encryption keys to meet the highest compliance and sovereignty standards.
  • Integration with remote user-defined functions (UDFs) and external functions in Databricks: Enable seamless data protection workflows in AI and analytics pipelines.

At the core of this integration is Thales CipherTrust Manager, a centralized enterprise key management solution that supports both on-premises Luna HSMs and cloud-based HSMs, offering FIPS 140-3 Level 3 assurance for the most stringent security use cases.

Complementing this is Thales CipherTrust Cloud Key Manager (CCKM), which simplifies BYOK and HYOK operations across multiple cloud providers, ensuring that key lifecycle operations—such as creation, rotation, and revocation—can be performed with ease and control.

Why This Matters to Enterprises

With this joint solution, Databricks customers gain:

  • A defense-in-depth security architecture, external to and independent of cloud provider controls.
  • Built-in support for compliance mandates such as PCI DSS, DORA, HIPAA, NIS2, GDPR, Schrems II, NIST CSF, CCPA, and the EU AI Act.
  • The ability to enforce data sovereignty by keeping keys in a specified region or jurisdiction.
  • Deployment flexibility across on-prem, hybrid, and multicloud environments, adapting to evolving IT strategies.

Driving Value for AI and Analytics at Scale

A friend once told me about leaving their front door unlocked in a quiet neighborhood for years, until one day they came home to find someone had been inside. Nothing huge was taken, but the sense of security was gone. In AI, many organizations leave their ‘front door’ open by not securing sensitive data across every stage of the AI lifecycle. And the cost of that oversight can be far greater than you think.

Security should never be an afterthought, especially when scaling AI and analytics initiatives. With the Thales and Databricks integration, organizations can confidently future-proof their data security posture while advancing their AI and machine learning workloads.

The combined solution enables secure implementation of zero trust and confidential computing architectures, ensuring sensitive data remains protected even in complex, distributed environments. Most importantly, it allows teams to maintain high-performance analytics capabilities without compromising on data confidentiality, regulatory compliance, or operational agility.

Protecting What Powers Your Business

AI and analytics platforms are powerful precisely because they bring data together—across teams, systems, and clouds. However, that same interconnectedness means that one oversight can create a ripple effect that extends across the entire business.

The Thales and Databricks integration is designed to prevent this, ensuring every dataset is classified, protected, and governed from the moment it enters the platform. That way, you can focus on delivering insights and innovation, knowing your data is secured by design, not just as an afterthought.

Read the solution brief to learn more: Thales Data Protection Solutions for Databricks.