How Securiti.ai CEO Is Advancing AI Using Cloud Security and Safety Methods

How Securiti.ai CEO Is Advancing AI Using Cloud Security and Safety Methods

I recently had the opportunity to interview the CEO of Securiti, Rehan Jalil, a Venture Advisor at Mayfield Fund, an investor and mentor to many Silicon Valley startups. SecuritiAI is an enterprise-grade centralized platform that enables the safe use of data and AI – and is the pioneer of the Data+AI Command Center. Companies rely on Securiti for their data security, privacy, governance, and compliance. The company is well recognized with numerous industry and analyst awards, and most recently was acknowledged by Gartner Peer Insights as Customers’ Choice for DSPM, and by Gigamon as the top-rated vendor for DSPM. Note: DSPM stands for Data Security Posture Management (DSPM) solution which enables organizations to reduce data breach risk, secure data sharing, and improve data privacy and compliance while reducing the cost and complexity of building data controls.

Can you share a little about your company and backstory?

Securiti is now over five years old. Previously Rehan’s team was running a cloud security business. He started his engineering career with an early stint at Sun Microsystems building GPUs, and now in his CEO role, he is back into the same data challenges that are so critical to get AI? right to scale. When he and his team founded the company, they realized that a robust data platform was needed for AI to be successful. This was later coined the Data Command Center, where they provide customers with a single source of truth around what data they need. They wrap around the safety of all data types, structured, or semi-structured, and ensure that all the privacy obligations are accounted for.?

What is Securiti.ai mission??

Securiti.ai mission is to enable the safe and secure use of data for enterprise companies. The reality is that without data, you cannot create new value. There is no question, the new generative AI models are super impressive, but they are only useful in the enterprise if they can work with your data, and in a safe fashion.? Security focuses deeply on privacy compliance and ensures security governance is a cornerstone for operational success. “We understand that data is life-like, on the back end, everything operates on it. For any organization, whether it's a financial organization, it's a bank account, your bank account means, your money means data. So needless to say, all organizations rely on data, and it is not a single dimension asset,”shared Rehan.

How are you advancing corporate governance and data privacy requirements into your operating model??

Organizations continue to struggle with how to make sense of data security and governance requirements. One clear trend is the emergence of unified platforms that help reduce costs and complexity and facilitate inter-departmental coordination. Another trend is the increased use of AI and automation within these solutions to help address the explosion of data across hybrid multi-cloud and the complex array of data regulations. Legacy data discovery solutions are no longer meeting business needs. The biggest trend is generative AI. While everyone is familiar with consumer AI solutions, such as Chat GPT, the more compelling use case is enterprise AI solutions that can drive innovation and competitive advantage. To successfully build enterprise-grade AI systems, organizations will need comprehensive controls and data governance solutions to embed appropriate guardrails. Successful organizations will be driving hard to build innovative AI solutions, which will create the need for new AI security and governance solutions.

Securiti has developed a Data Command Center, what is this all about?

The Securiti.ai Data Command Center aims to empower organizations to fully leverage their data assets, without compromising privacy, security, or compliance. This is achieved by automatically scanning an organization’s data landscape (SaaS, IaaS, cloud data lakes, warehouses, etc.), and getting granular insights into all the sensitive information and AI systems. These insights, captured in a unique real-time knowledge graph, are used to enforce privacy and security controls and ensure compliance with global data regulations. This platform is particularly valuable in developing modern generative AI systems, which feed on data – especially unstructured data. Historically, organizations have relied on fragmented tools to address their data obligations, which has been costly and complex. Securiti’s unified platform increases efficiency, reduces costs, mitigates risks, and enables the safe use of data and AI.

How does Securiti.ai ensure the security of sensitive data across hybrid multi-cloud environments?

Securing sensitive data across complex hybrid multi-cloud environments demands a holistic approach. Securiti uses advanced technology to automatically discover and classify data across an organization's entire data landscape, such as SaaS, IaaS, data lakes, warehouses, and on-premises systems, including,? both structured and unstructured data. Securiti further enriches this information with deep contextual insights building a real-time knowledge graph, including whom the data belongs to, access entitlements, what regulations apply, where the data is located, and more. This foundation is critical for automating precise controls to safeguard sensitive information and comply with relevant regulations. For example, the platform automates privacy obligations such as data mapping, data subject rights requests, and assessments. It also addresses data security obligations such as data access intelligence and governance, data security posture management, data minimization, and breach management. There is market demand to govern unstructured data and the safe development of AI systems, including identifying shadow AI, ensuring sensitive data is not feeding AI models, cataloging and monitoring risks of AI systems, and enforcing controls with LLM firewalls to protect AI systems from misuse or abuse. Securiti’s Data Command Center provides unparalleled visibility and control enabling the safe use of data and AI.

With the increasing complexity of data privacy regulations, how does Securiti AI help organizations stay compliant and manage privacy obligations effectively?

Navigating the complex web of data privacy regulations is daunting. New legislation is coming at a rapid pace – like the EU AI Act, the White House AI Executive Order, and California Bill 1047 hitting within a matter of months. Enterprises have new requirements to consider daily, while also adhering to frameworks such as NIST’s AI Risk Management and Singapore’s Model AI Governance. Securiti also has a dedicated research team that stays abreast of all the latest regulations and builds this knowledge into our Data Command Center. This provides organizations with real-time context to highlight potential risks, along with built-in templates to automate compliance with the latest regulations. Securiti’s Data Command Center automates many of the most time-consuming and complicated tasks associated with privacy compliance including data mapping, privacy impact assessments, data subject rights requests, cross-border transfers, breach management, and consent management.

Can you discuss the role of AI in Securiti’s platform and how it enhances data security and governance?

Securiti uses advanced techniques harnessing AI and ML to provide increased accuracy in data discovery and classification. These techniques significantly reduce false positives and augment the detection of sensitive content in challenging datasets like unstructured data, images, and video. In addition to leveraging AI in the platform, Securiti’s Data Command Center helps organizations to govern and manage their AI ecosystems. Part of this includes securely processing large unstructured and structured datasets while making sure that sensitive or incorrect information is not fueling AI models. Additionally, there’s a huge call to safeguard privacy and data access entitlements and protect system-critical AI models from things like prompt injection and data exfiltration. Putting comprehensive controls and guardrails around AI systems enables organizations to embrace innovation safely.

How does Securiti’s Large Language Model (LLM) Firewall work, and what benefits does it offer in securing GenAI applications?

Securiti has built a context-aware LLM Firewall as a key building block in its security stack. The LLM firewall is equipped with advanced language processing capabilities, meaning it understands user prompts in multiple languages, analyzes multimedia content, and provides robust protection against a variety of threats like data leakage, prompt injections, and harmful content. Securiti’s LLM Firewalls are unique as they are context-aware and have real-time understanding of sensitive content and the context around data, such as access entitlements: ie; continuous monitoring and protection based on real-time insights into the data landscape. Securiti’s firewalls are also unique as they inspect three different points in the AI pipeline, including the prompt firewall (between the user prompt and the LLM model, protecting against malicious attacks), the retrieval firewall (between the LLM model and the vector database, monitoring what data is being fetched for the response) and the response firewall (between the LLM model and the user prompt, ensuring appropriate responses are being issued based on corporate policies). These provide comprehensive real-time controls to safeguard AI systems. All these interactions require real-time inspection to identify external attacks, malicious actors, and even user errors.

Can you provide examples of how global companies are leveraging Securiti’s Data Command Center to break silos and achieve unified data intelligence?

As an example, A Fortune 500 company that Securiti worked with had complex requirements across data privacy, data security and data governance. They engaged with key members of these teams at the highest levels, including their CPO, CDO, and CISO. They complained about having dozens of fragmented tools to try and obtain the data governance they required – and these tools often had inconsistent views of their data. Stitching these systems together to meet their obligations on their data was also complex and costly. They were eager to harness Securiti’s solution to get a “single source of truth” about their data landscape that could be used by the various teams, eliminating inconsistencies and streamlining operations between the groups (e.g., handling cross-border transfers or data breaches, which require input from multiple teams). The unified platform improved operational efficiency, reduced complex integration costs, and ensured all teams were working from the same set of data mitigating many risk factors.

How do you think organizations should prepare for the data challenges and opportunities presented by the increasing use of AI?

The explosion of AI is exciting, but businesses must prioritize responsible AI implementations to avoid AI becoming a financial or reputational liability. By prioritizing trustworthy AI practices, companies – and their customers – can expect a high level of transparency, control risks, and reputational trust. This means taking control of your AI landscape, evaluating models for bias and security, continuous monitoring, and ensuring ethical data handling. AI should work for you, not against you.

How does Securiti.ai integrate automation in managing data security and privacy, and what advantages does this bring to businesses?

Securiti is built on a foundation of automation, driving efficiency and reducing the risk of human error. By automating tasks like data discovery, classification, and compliance assessments, we free up security and privacy teams to focus on strategic initiatives. Their automation capabilities extend to incident response, threat detection, and remediation – so their customers can react swiftly to security incidents. Additionally, automation plays a crucial role in ensuring compliance with evolving regulations. By streamlining compliance processes, Security helps organizations reduce costs, minimize risks, and demonstrate their commitment to data protection.

Any perspectives on risks on Microsoft’s Co-Pilot, Gen AI technology?

First, leaders must understand that if they bring this very powerful brain into their organization and drop this functionality into their enterprise environment with their data, there is an imperative to ensure the organization puts in many controls like entitlement controls, privacy controls, security, data lineage, so you clearly know where your data and files are going. We have seen that people have a huge appetite and desire to even use the simplest of the co-pilots. Unfortunately, most people do not understand what this technology is really doing. I'll give you one example of a CIO who started to turn on the co-pilots on SharePoint, and why he turned it off the next day. And it was only for executives, just to try it.? What they realized is that people could see each other's information, and that the Co-Pilot technology could generate answers to each other's information, which was not exposed before.

Microsoft is known for releasing products full of issues pre-maturely, and this is another example of pre-launch risks. Eventually this will get solved, but a key message is tested and validated before scaling.

Are you seeing any patterns across industries ?

Security has created a unified layer of intelligence around data, what we call a data command graph. Over it, the company has built different blades. There are certain capabilities within the platform, which are more universal ie: if you're compliant with regulations and things like that. There are certain aspects that everyone needs. On the other hand, you do not want somebody's salary to be seen by any other employee. As simple as this point is, it has nothing to do with the type of industry. ? There are certain types of controls that everyone wants, security controls on data, entitlement etc.? Security has seen that most of its industry growth has been in banks, insurance, airlines, technology, and consumer companies.

What key lessons have you learned as a CEO in your journey?

AI is a critical skill competency. I think AI? is no longer an option.? So it's now our reality that you cannot live without it. The world has changed, whether or not we realize it as leaders. In the new AI era, if you are not embracing how to utilize AI to create value for your customers, you likely are on the wrong track. If you don't use AI, somebody else is going to do it. So getting on board is a leadership imperative or you will no longer remain relevant. The number one lesson is it's all about getting your people comfortable with using AI methods, building the education and skill muscle to know how to manage data securely, and applying AI with strong operating processes around data management. Finally, it's all about execution at the end of the day. If you have created a culture where people are willing to learn new things, take pride in learning new things, and are adaptive you are heading in the right direction. In summary, if you have built an open culture in which you can engender authentic conversations and openly talk through issues about AI, this is critical for human-in-the-loop learning.

What is a key takeaway message for leaders to future-proof their AI Strategy?

First, be laser-focused on utilizing AI effectively and ensure you are creating real value for the customer, take all the other things away. Focus on the optimal use case, and execute ethically. If you are helping your customers to learn, you are strengthening the overall ecosystem. At the same time, do not underestimate the downside, which means you must put all the right controls in place.? So that by utilizing it, there are no downsides because if you've got all the grails around, this is an insanely powerful foundation that sets up your organization for future success.

Notations:?

This article also includes Dr. Cindy Gordon’s views integrated with Rehan Jali’s views on AI, as well as other market research sources that in the past have also interviewed Rehan, Jali.?

To see the full video interview, see here.

References:

Tardif, Antoine. August 7, 2024, Rehan Jali CEO Interview.?

Deutscher, M. August 9, 2019, Silicon Angle.

Nikoo Khanahmadi

Biomedical Scientist | Quantum Technologies LLC | Research and Analysis Expert

3 周

#up????

回复

要查看或添加评论,请登录

DR. CINDY GORDON ICD.D.的更多文章