Send email Copy Email Address

2025-09-11
David Baus

From New Oil to Digital Sovereignity: Rethinking Data in the Age of AI

Data has long been called the “new oil”, but in the age of AI, it has become far more than a raw resource. Every e-mail, chat, and document now carries both value and vulnerability, as information is repurposed, monetized, or pulled into systems beyond our control. For Raafat Hantoush, this shift was the spark behind CyberTide: a self-hosted, AI-native security platform designed to give organizations true sovereignty over their digital assets. Instead of relying on static policies, CyberTide’s context-aware AI understands European languages, classifies sensitive information in real time, and keeps data flows safe without interrupting the pace of work. In this interview, Hantoush reveals why the future of data protection isn’t just about compliance. It’s about control, trust, and enabling innovation without compromise.

CISPA: What have been the biggest challenges so far in building CyberTide – and what has surprised you?

Raafat Hantoush: The biggest challenge has been balancing the complexity of enterprise security with the speed of startup execution. Large organizations expect bulletproof compliance and integration from day one. What surprised me is how quickly the demand for AI data protection has grown. Companies now understand that their data is flowing into AI systems without guardrails, and they are actively looking for solutions.

What sets CyberTide apart from other security solutions on the market, in one sentence?

CyberTide is the first AI-native, self-hosted data security platform that delivers the most accurate detection of sensitive information in European languages eliminating false positives while staying easy to integrate and ensuring no data ever leaves the organization.

How does CyberTide actually recognize which data is sensitive or confidential?

Our self-hosted AI model is context-aware and trained for European languages, enabling it to analyze both structured and unstructured data. It scans information in real time, whether data is at rest in storage or moving through prompts, emails, chats, or cloud services, and classifies sensitive content such as financial records, health data, or personal identifiers with high accuracy. By understanding context, it minimizes false positives and delivers consistent protection across all channels.

What exactly does it mean that CyberTide is “AI-driven”?

It means that AI isn’t just an add-on; it’s at the core of our platform. From classification to context analysis to remediation, we use AI to continuously learn from data flows and user behavior, so our protection gets smarter over time instead of relying on static policies.

How does CyberTide protect data in programs we all know like emails, cloud services, or chat tools?

CyberTide integrates directly with everyday systems such as Microsoft 365, Google Workspace, Slack, Dropbox or GenAI Tools. It scans communications and files in real time, detects and classifies sensitive content, and then enforces policies—like blocking a risky share to a wrong recipient, encrypting a document, or alerting compliance teams without interrupting productivity.

In your opinion, how is our relationship with data changing? Both professionally and personally?

Our relationship with data has shifted from seeing it as passive storage to recognizing it as the most strategic resource in the digital economy. Data has long been called the “new oil,” but today it is actively commercialized—through AI and large language models, private and corporate data can be repurposed, monetized, or even locked into third-party systems without consent. Every email, chat, or document now carries both business value and risk. On a personal level, people are becoming much more aware of how their digital traces are used, and they are starting to value privacy in ways that weren’t common a decade ago. Looking at the bigger picture, even data protection acts themselves are still relatively young,  less than a decade old, which shows how quickly awareness and regulation are trying to catch up with technology. Data is no longer just record keeping. It's a matter of sovereignty, control, and competitive advantage.

What should companies concretely do today to responsibly handle AI and sensitive data?

Companies should begin by defining clear policies on how sensitive data is handled across all systems, but policies alone are not enough. The real challenge we hear from many CISOs is that they don’t actually know where all of their sensitive data sits, especially in today’s hybrid infrastructures where information flows between on-premise systems, cloud services, and AI tools. This lack of visibility and control creates major risks. The good news is that technology today can automatically classify data, map where it resides, and enforce protection in real time – far more reliably than manual processes or human vigilance. Combined with strong awareness and training programs, these technical controls give organizations both the visibility and the enforcement needed to handle AI and sensitive data responsibly.

Where is the journey with CyberTide headed? What is your long-term vision for the company?

Our vision is to become the trusted partner for data security and sovereignty for every European and global organization. In the future, we want organizations to innovate with AI without hesitation, knowing their data remains fully under their control and always safe: no matter which tools, clouds, or workflows they use.

What advice would you give to founders who want to start a tech startup themselves?

Don’t try to build everything at once and focus on solving one painful problem really well. Security customers value depth and trust over breadth. And be prepared: the sales cycles are long, but if you can prove real value, the impact and adoption will be massive.

Thanks for the interview, Raafat!

More information about CyberTide: www.cybertide.eu