I would definitely enable the cache at integration level and security at final views / views exposed to the clients. Summaries may be an option as well.

You can refer to https://community.denodo.com/kb/en/view/document/Fine-grained%20privileges%20and%20caching%20best%20practices

Please keep in mind enabling the cache will result in duplicating the data, which may be sometimes in contradiction with the fact your data is sensitive