At the NVIDIA GTC event in San Jose, Cyborg CEO Nico DuPont outlines a critical but under-appreciated risk in enterprise AI: the vulnerability of vector databases.
As organizations centralize their most valuable proprietary data into AI knowledge bases, they inadvertently create high-value targets for attackers. DuPont explains how Cyborg addresses this structural weakness through encrypted vector search, enabling organizations to secure sensitive data even while it is actively being queried. The conversation also explores broader shifts in AI infrastructure, the growing importance of data over models, and the emerging security challenges posed by agentic AI systems.
Core Takeaways
Securing the AI Knowledge Base:
- Vector databases are foundational to enterprise AI, enabling semantic search across massive volumes of unstructured data, but they also introduce a centralized security risk by aggregating sensitive information into a single system.
- Cyborg addresses this vulnerability with encrypted vector search, allowing similarity queries to be performed without decrypting the entire dataset, significantly reducing exposure while maintaining performance.
- The company’s flexible deployment model—either as a standalone database or as a proxy layered onto existing infrastructure—lowers adoption barriers for enterprises with established data architectures.
- As AI systems evolve toward autonomous agents, securing data access at the cryptographic level becomes essential to prevent misuse, misconfiguration, and emerging threats like prompt injection.
Key Quotes
The Hidden Risk in AI Architecture
“The most proprietary, the most valuable part of the AI pipeline is not the model or the embeddings—it’s the data that is specific to your organization. By centralizing that data in a vector database, you create a kind of honeypot where the blast radius of a breach becomes significantly larger than in a traditionally siloed system.
“Vector databases today are fundamentally ill-equipped to handle this risk because they operate on embeddings in plain text. Those embeddings can be inverted, meaning sensitive information can be reconstructed. So you have to treat them with the same level of security as the original data, but most systems simply don’t.”
Encryption Without Compromise
“The obvious solution is encryption, but traditionally that comes at a cost. If you had to decrypt everything during a search, performance would collapse. What we’ve built is encrypted vector search, which allows similarity matching directly on encrypted data.
“We only decrypt the most relevant results at the very end of the process. That means we can maintain performance comparable to existing vector databases while dramatically reducing plaintext exposure. It fundamentally changes the tradeoff between security and speed.”
Lessons from Building Too Early
“One of the biggest lessons I learned early on was the danger of over-indexing on technology and under-indexing on the problem. It’s easy to build something impressive technically, but if the market doesn’t need it yet, it doesn’t matter.
“We spent years developing encrypted vector search before the market was ready. For a long time, it felt like we might just be wrong. But with the rise of generative AI, the need for securing AI infrastructure has become obvious. Timing is everything, and you can only recognize it in hindsight.”
The Next Frontier: Agentic AI Security
“As we move into an agentic world, the challenge becomes much more complex. It’s not just about securing data at rest or in transit, but ensuring that autonomous systems only access what they are explicitly permitted to.
“The answer, again, is cryptography. If an agent doesn’t have access to the encryption keys, it simply cannot make sense of the data, no matter how it tries to retrieve it. That’s how you create a system that is resilient not just to attacks, but to misconfiguration and unintended behavior.”
