Encrypt AI, Protect Your IP: DataKrypto Tackles the LLM Security Crisis While Redefining What Encryption Should Be
In the crowded, chaotic energy we’ve come to expect from the epic annual RSA Conference, some of the most meaningful conversations begin on the Expo floor and continue well beyond the bustling crowds, often over quiet, thoughtful dinners in beautiful San Francisco, California. That’s where I had the opportunity to meet with Luigi Caramico, Founder, CTO, and Chairman of DataKrypto, a company that’s fundamentally reshaping how we think about encryption, privacy and artificial intelligence (AI) security. For any organization serious about protecting its enterprise, intellectual property (IP) and AI investments, DataKrypto should be considered a must-have security partner and solution.
“Let’s Start at the Very Beginning” – What Legacy Encryption Really Protects, And What It Doesn’t
To borrow a line from the 1965 Academy Award-winning film, The Sound of Music, “Let’s start at the very beginning, a very good place to start.” When it comes to data security, the beginning is understanding what encryption does and doesn’t protect. “Most people believe their data is safe simply because it’s encrypted. They assume that once encryption is applied, their information is sealed up like money in a bank vault. But that belief overlooks major blind spots and gives organizations a false sense of security,” said Caramico. Using Caramico’s bank vault analogy, let’s explore common myths of legacy encryption, its shortfalls in securing data, and highlight how DataKrypto has closed the gaps.
Think of your data as the cash in a bank locked in a vault and securely stored (data at rest) and protected in an armored truck when it’s moving to another location (data in transit). That sounds secure, and most people assume this setup means their data is protected 100% of the time. Caramico points out, “It’s true that data is typically encrypted when it’s stored, known as ‘data at rest,’ using technologies like BitLocker or legacy hardware-based encryption. And while it’s commonly believed that data is also protected when it moves, known as ‘data in motion,’ this is only partially true,” he continued. “Protocols like HTTPS, TLS and VPNs can secure transmission paths, but they don’t guarantee end-to-end encryption of the data. In fact, the data is often decrypted at key handoff points, such as application endpoints or internal systems, exposing it to risk. These tools serve a purpose, but they often create a false sense of security.”
The most critical gap occurs when data is being used, for example, when a user queries a database, analyzes a report, or runs a machine learning model. In those moments, the data is traditionally decrypted, much like cash being removed from an armored truck, carried into the bank and counted by the teller in plain view. This is when the data is most vulnerable, and when legacy encryption provides no real protection. So, while your cash (data) feels protected, it is often exposed on a counting table in plain view and anyone with the right access (or wrong intent) can take it.
DataKrypto’s innovative model closes this gap by keeping the data encrypted at every stage of its life (ephemeral or long-term), not just when it’s resting or moving, but also while it’s in use. And this is not only an evolution of encryption technology, but as a critical application to the AI revolution, where security is still top of mind and top priority for all global organizations.
This is where DataKrypto’s value proposition becomes clear: True end-to-end encryption that allows data to remain protected not just when stored or moved, but even when used.
DataKrypto’s Revolutionary Approach
Instead of relying on conventional key distribution and decryption models, DataKrypto keeps data encrypted throughout its lifecycle. Their SDK allows developers to ensure that data never exists in a readable state, unless a human explicitly decrypts it, and even then, only small amounts at a time. Because the system can allow organizations to set policies allowing decryption in tiny, human-readable volumes, it turns large-scale data exfiltration attempts into detectable red flags. “One of the benefits of our model,” said Caramico, “is that you can easily detect anomalous behavior. If someone tries to decrypt 10,000 customer files, the system knows that it’s not human activity. It’s an indicator of potential compromise and attack. Humans are just not capable of consuming that much data.”
An Ecosystem-First Mentality
Unlike many security products that require complex integration or a rip-and-replace overhaul, DataKrypto provides a software development kit (SDK) that integrates seamlessly into existing applications and IT investments. It’s platform-agnostic and the design allows teams to seamlessly slide DataKrypto into existing DevSecOps pipelines. “We sell to and partner with developers,” Caramico said plainly. “If you control your source code, you can embed us. You don’t have to give up your dashboards, workflows and existing solutions. DataKrypto’s SDK can even feed usage and decryption behavior into existing data loss prevention (DLP) systems, providing real-time visibility into how encrypted data is accessed and how much.
No Keys, No Servers, No Problem
Perhaps the most revolutionary is DataKrypto’s approach to key management. “No hacker is going to break AES-256,” Caramico said. “They’ll just find a way to get the keys. And once they do, the data is accessible. With DataKrypto, the key doesn’t exist,” said Caramico. “We removed the obligation from servers to hold keys and, in the process, made data more secure and the ecosystem more manageable. That means even if a bad actor successfully escalates to admin or root, they can’t decrypt the data.”
In practical terms, this means that if a breach occurs, there are no endless quantities of golden keys for attackers to steal. DataKrypto isn’t just a protective layer; it’s a locked door with no keyhole. “Our encryption doesn’t degrade performance,” Caramico said. “It processes at one gigabyte per second per core. For most applications, the delay is measured in milliseconds, undetectable to humans.”
AI’s Soft Underbelly
Caramico was quick to point out the growing risk AI brings to the security landscape. “People are aggregating entire corporate knowledge bases into AI models, and those models become the single point of compromise.”
This consolidation of institutional knowledge and proprietary assets into a single, queryable interface turns LLMs into the most valuable and vulnerable target in the enterprise tech stack. “An LLM is no longer just a tool. It’s a massive investment and asset,” said Caramico. “You’re feeding it proprietary data, training it with your intellectual property, and building competitive advantage into a single, centralized engine.”
He explained that while stealing information from 50 databases used to take years, now that data is centralized in a single model. “Steal the model, and the AI will organize everything for you. You don’t even need to stitch it together. Intellectual property is now a ribbon-wrapped gift for bad actors.”
Beyond the value of the data inside the model, Caramico highlights a rarely discussed but critical technical risk: The fragility of how LLMs are built.
“Most AI models are written in Python, an interpreted language that’s not compiled,” he said. “That means anyone who gets access to the code can inject a line, tamper with its behavior, redirect outputs and poison the model. There’s no real barrier. It’s all in clear text,” highlighted Caramico. This openness, combined with the immense value of what’s inside models, makes LLMs an attractive soft target for theft, tampering and exploitation.
DataKrypto’s Innovative LLM Protection: FHEnom for AI™
That’s why DataKrypto’s newest release announced at RSAC 2025, FHEnom for AI, focuses on protecting both the model and the data it processes. By using Trusted Execution Environments (TEEs), DataKrypto ensures that input, output, and in-context documents sent to large language models (LLMs) are encrypted, even from the model’s owner.
“If someone steals the model, it’s useless,” said Caramico. “It only understands encrypted input and returns encrypted output. The key never leaves the TEE.”
DataKrypto’s FHEnom for AI addresses these urgent security gaps via a platform-agnostic solution designed to protect both:
- The model itself (extremely valuable intellectual property)
- The data flowing in and out of the model (as corporate, partner or customer assets)
FHEnom’s use of TEEs to isolate and protect both the input and output of the model ensures encryption keys are generated within the TEE and are never exposed, not even to the model’s owner. The model only communicates in encrypted form, meaning:
- Prompt inputs are unreadable to outsiders or AI providers
- Model responses are encrypted before returning to the user
- Even a stolen model is useless without the TEE and its encryption logic
This solves two major problems every organization should be concerned about: intellectual property theft and privacy leakage. Additionally, FHEnom prevents model poisoning, a growing threat where adversaries try to pollute AI behavior by inserting malicious training data. Without access to the training key, the model can’t understand or absorb new data and attackers are left holding an empty bag.
Why DataKrypto Matters Now to Every Enterprise in the AI Revolution
FHEnom for AI arrives at a moment when enterprise interest in AI is skyrocketing, but foundational security practices are lagging. Few organizations have treated their models as IP assets on the balance sheet, yet they increasingly contain the crown jewels of company knowledge, strategy and innovation. DataKrypto’s solution reframes this reality if LLMs are where a company stores its smartest thinking, then they deserve the strongest protection.
Unlike many niche AI security efforts, FHEnom for AI is immediately applicable and impactful to AI strategies and business bottom lines. The technology is designed to work across a wide range of environments, whether in-house or in the cloud, and whether the user is a developer or an organization running open-source models. There’s no rip-and-replace and no lock-in. FHEnom can be integrated seamlessly to encrypt AI infrastructure without compromising performance, sustainability or functionality KPIs.
Encryption often feels like a subject only a mathematician could love. But Caramico’s explanations, from armored cash trucks to poisoned AI wells, make it clear that DataKrypto isn’t building security solutions for machines. They are building security-critical infrastructure to protect people in every global community.
DataKrypto: Encryption for the Digital Supply Chain Security Era
The real world is a dangerous place, and organizations are concerned about implications to assets in regions with geopolitical instability, the most recent example being Russia’s invasion of Ukraine. With Russia cutting internet access to the entire country early in the conflict, data centers went offline, networks were cut off and assets were exposed. Many companies realized the need for a better encryption solution that would ensure their intellectual property, customer data and other PII remained inaccessible to intruders.
The goal isn’t just stronger encryption, it’s encryption that is constant, context-aware, and human-centric. As artificial intelligence and digital supply chains blur the lines of where and how data lives, DataKrypto is carving out a model where encryption becomes the default state, not a temporary condition.
“In traditional setups, every database, every application server has its own key. You’d have to wipe every one of those, and in the example of Ukraine, there was no notice or time to find every key and secure every asset,” Caramico said. “With DataKrypto, disable one key for an entire country or region and it’s done. No access!”
This simplified key structure turns chaotic disaster recovery scenarios into single-action response plans. And as geopolitical instability increases, so does demand for solutions that minimize risk across AI, cloud, edge and on-prem environments. All parts of mission critical digital supply chains the governments and critical infrastructure companies are obligated to protect.
Conclusion and Final Thoughts
Datakrypto, simply put, is a massive game-changer that every organization, of every size, in every region should engage and deploy today. A very impressive technology with immediate benefits to IT, Security, AI and the business overall. Beyond the technology, the team is knowledgeable, engaging, and will prove to be a fantastic technology and security partner long term. Something I hear every IT and security leader’s voice as a priority.
Finally, having evaluated pre-A Round technology startups for venture capital (VC) firms in the past, I am going to put my name on this one. The smart (and lucky) VC firm will hop on DataKrypto…yesterday!
