AI is transforming how businesses operate—but it’s also redefining how and where data security must happen.
MagicMirror is excited to welcome David Baker, former Chief Security Officer at Okta, Bugcrowd, and 23andMe, as a strategic advisor. With decades of experience leading enterprise security teams and identifying vulnerabilities before attackers do, David brings a practitioner’s perspective to one of the most pressing challenges today:
How do you protect sensitive data before it ever leaves the device?
As an advisor, David will help guide MagicMirror’s go-to-market strategy and product evolution as we continue building the future of local-first, AI-resilient security.
Enterprises are surrounded by tools that move data—browsers, APIs, SaaS platforms, and now GenAI. But the perimeter is no longer where security happens. And by the time cloud-based tools detect a risk, the data is already gone.
MagicMirror takes a different approach:
We secure data at the source—on the device, inside the browser—before it can be exposed, exfiltrated, or misused.
At the core is our lightweight, locally running Small Language Model (SLM)—a multitask model that classifies, anonymizes, and protects data in real time, without sending anything to the cloud. No subprocessors. No external APIs. No delays. Just fast, private protection that works across GenAI, SaaS, file uploads, and browser-based workflows.
“MagicMirror isn’t chasing the latest AI trend. They’re building a security foundation that’s scalable, privacy-first, and long overdue,” said Baker. “Once enterprises realize how exposed their cloud-first models really are, this type of local-first architecture will become the standard.”
The surge in GenAI adoption is exposing how ill-equipped traditional security stacks really are. Employees are moving faster than policies, and sensitive data is ending up in places it shouldn't—LLMs, shared SaaS platforms, even public forums.
But GenAI didn’t invent this problem. It just accelerated it.
Whether it’s a product roadmap pasted into ChatGPT or a private PDF uploaded to a third-party tool, the risk starts before the data leaves the device. And most security solutions are still reacting too late.
“AI isn’t just another tool—it behaves like a teammate. It remembers, it learns, and it can be manipulated,” said Baker. “If sensitive data ends up in the wrong model or tool, it’s almost impossible to reverse.”
That’s why MagicMirror’s approach—real-time classification, on-device enforcement, and local anonymization—matters now more than ever.
David joins MagicMirror at a moment of scale. We’re expanding beyond GenAI oversight into broader browser-based protections, developer SDKs, and custom enterprise policies.
“Security today feels like patchwork,” said MagicMirror CEO [Name]. “We’re building something more foundational—and David knows what it takes to help organizations adopt that kind of shift, without disrupting how teams work.”
With his background in building security programs from zero to one—and his experience across identity, vulnerability research, and compliance—David’s guidance will help us scale MagicMirror’s vision: security that’s real-time, local, and built directly into the flow of work.
The world is realizing what we’ve believed from the beginning: true data protection starts before the cloud.
We’re building that future—and we’re excited to have David on board.
🔗 See the magic happen. Schedule a demo today.
