← Resources

From Innovation to Oversight: How WTA Is Balancing GenAI Adoption with Enterprise Guardrails GenAI Security

GenAI Security
Webcasts

August 11, 2025

min read

Highlights

  • WTA is rolling out GenAI tools like Microsoft Copilot across a global sports organization.
  • Oversharing, hallucinated outputs, and shadow AI are major risks.
  • Paul Sheth, CISO & Head of IT & Development, WTA emphasizes cross-functional collaboration, policy-first governance, and scalable technical controls to enable secure innovation.

Unlocking GenAI in the Enterprise — Without Opening the Floodgates

GenAI is transforming how teams across every industry operate — and global sports is no exception. In this episode of the Oversharing webcast, we sat down with Paul Sheth, CISO and Head of IT & Development at WTA (Women’s Tennis Association), to explore how GenAI is being rolled out across a distributed, multi-stakeholder organization — while keeping data exposure and shadow AI in check.

“We’re not trying to stop GenAI. We’re trying to enable it securely, with the right frameworks in place.”
Paul Sheth, CISO and Head of IT & Development, WTA

Where GenAI Delivers Value: From Emails to Travel Ops

WTA sees GenAI adoption touching nearly every workflow — from refining internal communications to simplifying travel and scheduling. Copilot and other LLM tools act as virtual assistants that improve productivity across departments.

But with that value comes risk: data must be input to be useful. And that brings us to the problem of oversharing.

Oversharing Is the #1 Risk

Paul didn’t mince words: oversharing is the most immediate risk for organizations adopting GenAI. Because large language models ingest whatever data they can access — structured or unstructured — anything exposed in SharePoint, OneDrive, or team folders is fair game.

“You might have athlete PII, pre-release financials, or rankings exposed, and the model won’t know what’s sensitive. That’s your job.”
Paul Sheth, CISO and Head of IT & Development, WTA

Governance, Not Guesswork

To stay ahead of risk, Paul recommends a layered strategy:

  • Start with policy: Tailor it to your regulatory context, partner ecosystem, and member model.
  • Create frameworks for data classification: Especially for what should never go into a GenAI tool.
  • Establish a trust layer: Introduce tools (like Opsin) that act as policy enforcement and input sanitization middleware.
  • Phase your rollout: Secure the core org first, then expand to partners and stakeholders.

Technical Guardrails Must Match the Pace of Innovation

WTA’s security team is developing controls to monitor and detect:

  • Input misuse
  • AI-generated hallucinations
  • Unapproved third-party tool use
  • Shadow AI adoption
“We’re building a trust orchestration layer,  not to restrict, but to help the business execute safely and efficiently.”
Paul Sheth, CISO and Head of IT & Development, WTA

Final Takeaway: Enable, Don’t Forbid

Paul’s advice to security leaders is clear: “If you try to block GenAI, users will just go around you.” Instead, lean into education, shared accountability, and composable controls that adapt over time. This isn’t about enforcing with fear. It’s about building confidence with care.

Ready to dive into the full discussion? Watch the webcast at the top of this page.

About the Author

LinkedIn icon

From Innovation to Oversight: How WTA Is Balancing GenAI Adoption with Enterprise Guardrails GenAI Security

GenAI Security
Webcasts

Highlights

  • WTA is rolling out GenAI tools like Microsoft Copilot across a global sports organization.
  • Oversharing, hallucinated outputs, and shadow AI are major risks.
  • Paul Sheth, CISO & Head of IT & Development, WTA emphasizes cross-functional collaboration, policy-first governance, and scalable technical controls to enable secure innovation.

Unlocking GenAI in the Enterprise — Without Opening the Floodgates

GenAI is transforming how teams across every industry operate — and global sports is no exception. In this episode of the Oversharing webcast, we sat down with Paul Sheth, CISO and Head of IT & Development at WTA (Women’s Tennis Association), to explore how GenAI is being rolled out across a distributed, multi-stakeholder organization — while keeping data exposure and shadow AI in check.

“We’re not trying to stop GenAI. We’re trying to enable it securely, with the right frameworks in place.”
Paul Sheth, CISO and Head of IT & Development, WTA

Where GenAI Delivers Value: From Emails to Travel Ops

WTA sees GenAI adoption touching nearly every workflow — from refining internal communications to simplifying travel and scheduling. Copilot and other LLM tools act as virtual assistants that improve productivity across departments.

But with that value comes risk: data must be input to be useful. And that brings us to the problem of oversharing.

Oversharing Is the #1 Risk

Paul didn’t mince words: oversharing is the most immediate risk for organizations adopting GenAI. Because large language models ingest whatever data they can access — structured or unstructured — anything exposed in SharePoint, OneDrive, or team folders is fair game.

“You might have athlete PII, pre-release financials, or rankings exposed, and the model won’t know what’s sensitive. That’s your job.”
Paul Sheth, CISO and Head of IT & Development, WTA

Governance, Not Guesswork

To stay ahead of risk, Paul recommends a layered strategy:

  • Start with policy: Tailor it to your regulatory context, partner ecosystem, and member model.
  • Create frameworks for data classification: Especially for what should never go into a GenAI tool.
  • Establish a trust layer: Introduce tools (like Opsin) that act as policy enforcement and input sanitization middleware.
  • Phase your rollout: Secure the core org first, then expand to partners and stakeholders.

Technical Guardrails Must Match the Pace of Innovation

WTA’s security team is developing controls to monitor and detect:

  • Input misuse
  • AI-generated hallucinations
  • Unapproved third-party tool use
  • Shadow AI adoption
“We’re building a trust orchestration layer,  not to restrict, but to help the business execute safely and efficiently.”
Paul Sheth, CISO and Head of IT & Development, WTA

Final Takeaway: Enable, Don’t Forbid

Paul’s advice to security leaders is clear: “If you try to block GenAI, users will just go around you.” Instead, lean into education, shared accountability, and composable controls that adapt over time. This isn’t about enforcing with fear. It’s about building confidence with care.

Ready to dive into the full discussion? Watch the webcast at the top of this page.

Get Your Copy
Your Name*
Job Title*
Business Email*
Your copy
is ready!
Please check for errors and try again.

Secure Your GenAI Rollout

Find and fix oversharing before it spreads
Book a Demo →
Opsin logo
Stop GenAI Oversharing
SOC 2 Type II badge
Address Line 1
Address Line 2
Address Line 3
Home
Product
Resources
Book a Demo
Solutions
AI Readiness Assessment
Ongoing Oversharing Protection
AI Detection and Response
Solutions by Industry
Healthcare & Life Sciences
Financial Services
Manufacturing & Industrial
IT Services
Energy
Use Cases
Microsoft Copilot
Gemini
Glean
Customer Stories
Cascade Environmental
Culligan
Encore Technologies
Wellstar Health System
About
Careers
Contact
Privacy Policy
Terms of Use
© 2025 Opsin, Inc.