May 14, 20266 Min ReadAI/ML

What Does AI Data Readiness Actually Look Like at Scale? Lyft, SoFi, and Expedia Will Demonstrate at Gartner SRM 2026

Adobe Stock 1971925717
All Blog Posts
Nikki Ralston
Senior Product Marketing Manager

Most organizations I talk to have the same answer when I ask what their AI sees: "We're not entirely sure."

That's not a technology problem. It's a data governance problem - and it's the most consequential unsolved problem in enterprise security right now.

AI doesn't discriminate. Copilot, cloud-based agents, internal LLMs, can access everything their users can access, and synthesize it in seconds. Years of overpermissioned, unclassified data that security teams have been meaning to clean up is now directly in the path of AI systems that move faster than any previous tool your organization has deployed.

The good news is some organizations have actually solved this. At the Gartner Security & Risk Management Summit this June, three of them are sharing exactly how.

The AI Data Readiness Problem Is Bigger Than Most Teams Realize

Here's what I see repeatedly across security programs. Organizations are deploying AI faster than they're governing the data underneath it.

The data estate didn't get cleaned up before Copilot rolled out. Shadow data stores weren't fully catalogued before the internal agent went live. Classification policies that worked fine for DLP weren't built to handle the access patterns that AI introduces.

When AI systems traverse a knowledge base, they don't stay in their lane - they surface whatever they can reach. If sensitive customer records, financial data, or PII are accessible to a user, they're accessible to that user's AI tools. And AI doesn't just retrieve; it synthesizes and presents, which means the exposure risk compounds.

Governing AI data readiness means knowing three things with accuracy and continuity:

What sensitive data exists and where it lives. Not from a six-month-old scan. From a continuously maintained inventory that reflects the environment as it actually is today.

Who and what can access it. Not just humans; AI agents, service accounts, automated pipelines. The access surface for AI is substantially wider than traditional access models account for.

Whether it's classified correctly before AI touches it. Classification is the foundation. It's what DLP runs on. It's what Copilot safety controls enforce against. If the labels are wrong or missing, every downstream control fails.

Expedia operates 450 petabytes of cloud data. Lyft and SoFi each manage 70+ petabytes. These aren't edge cases — they're the environments where AI data readiness problems are biggest, and where solving them produces the most visible results.

What You'll Hear at Gartner SRM 2026

Sentra is at Gartner SRM all week — June 1 through 3 at National Harbor — and we've built the week around the practitioners who've done this work, not around slides about why it matters.

Here's what's on the calendar.

Wednesday, June 3: Gartner Solution Provider Session

From Data Risk to AI Ready: The Lyft & Expedia Playbook 11:15–11:45 AM | Gartner Solution Provider Stage | Maryland C Ballroom

Hear from the Lyft CISO and Expedia on how they tackled the AI data readiness challenge in 100+ petabyte environments - classifying, governing, and securing the data sprawl already in the path of their AI initiatives. As AI proliferates across the enterprise, the data underneath it becomes the greatest unmanaged risk. In this session, experts share the decisions, tradeoffs, and tools that built their foundation - and what it made possible at scale. Walk away knowing the data readiness essentials so your AI initiative succeeds.

If you're at Gartner SRM this is the one solution provider session you won’t want to miss on Wednesday.

Use the Garter Agenda App to register for:
From Data Risk to AI Ready: The Lyft & Expedia Playbook
11:15–11:45 AM, Wednesday June 11,2026

Monday–Wednesday Morning Roundtables

Invite-Only Breakfast Sessions | Sentra Meeting Suite

These small-group sessions are the intimate version of the stage conversation — tailored to the specific attendee group, with real back-and-forth on what's working and what isn't.

Monday, June 1 | 8:00–8:45 AM (Breakfast) Lyft CISO Chaim Sanders on how Lyft built continuous data readiness and governance in a 70+ petabyte environment. How they classified at scale, where they found the unexpected exposure, and what they'd do differently.

Tuesday, June 2 | 8:00–8:45 AM (Breakfast) Expedia Distinguished Architect Payam Chychi on governing a 450-petabyte environment — the sprawl problem, the AI data access challenge, and the architecture decisions that made classification actionable.

Wednesday, June 3 | 8:00–8:45 AM (Breakfast) SoFi Sr. Manager of Product Security Engineering Zach Schulze on making 70+ PB of cloud data AI-ready — including how they combined Sentra DSPM with Wiz CSPM to reduce noise and govern safely.

Seats are limited and these sessions fill fast. Register at the Gartner SRM 2026 event page →

Tuesday, June 2: CISO Executive Dinner

7:30–9:30 PM | Grace's Mandarin | National Harbor

An invitation-only dinner with a small group of security leaders, including the Lyft CISO and security teams from Expedia and SoFi. Small tables. No presentations. The kind of conversation that only happens when the right people are in the right room.

If you'd like to be considered for an invitation, reach out directly via the event page or connect with your Sentra contact.

Monday–Wednesday: Executive 1:1 Briefings

8:00 AM–5:00 PM | Sentra Private Meeting Suite

For security leaders who want to apply the Lyft, SoFi, and Expedia learnings to their own environment — what AI readiness actually means given your data estate, your AI initiatives, and where your exposure lives. Sessions are led by Sentra's head of product or customer implementations. No slides. Just the right conversation.

Book a 1:1 briefing →

All Week: Live Demos at Booth #222

See how Sentra discovers, classifies, and secures the data already in the path of your AI. The demo is built around your questions — bring the hard ones. The team onsite has worked with some of the largest data environments in the world.

Book a demo at the booth →

Why This Matters Right Now

Gartner SRM is the right venue for this conversation, and 2026 is the right year to have it.

AI deployment accelerated faster than most security teams anticipated. The governance frameworks, classification foundations, and access controls that data-driven AI requires were, in many cases, not in place when the rollout happened. Now those teams are working backward — trying to understand what their AI can actually reach, and whether the data feeding it is classified accurately enough to trust.

The organizations presenting at our events this week tackled this problem at a scale that most enterprises haven't reached yet. What they learned applies regardless of environment size: classification has to happen before AI touches the data, not after. The inventory has to reflect reality continuously, not periodically. And governing AI access requires a fundamentally different approach than governing human access.

If you're at Gartner SRM and this is the problem your organization is working on, the sessions above are worth your time.

See the full schedule and register at sentra.io/gartner-srm-2026 →

Explore more blogs

Sentra discovers, classifies, and governs every dataset AI can touch—from Copilot to Bedrock—at petabyte scale.
Adobe Stock 1971924974
May 14, 2026Yair Cohen
The OpenLoop Health Breach: Aggregator inconsistent data security triggers exposure of 716,000 Patients and 120+ Brands
Condor Wei
May 13, 2026Nikki Ralston
Daybreak Answers the Vulnerability Question. Here's the One It Doesn't.
Adobe Stock 361676574
May 8, 2026Ron Reiter
Mythos Is Already Here. The Question Is What Attackers Will Find.
Adobe Stock 378632421
May 7, 2026Yair Cohen
The Instructure Breach Was Salesforce. Again. Here's the Governance Problem Nobody Is Talking About.

Let’s get your data AI ready.

Make my data AI ready