Traditional data security risk assessment techniques typically involve manual or rule-based approaches. These methods rely on predefined rules, checklists or guidelines to identify potential risks and vulnerabilities within an organization's data ecosystem. They often involve activities such as manual document analysis, structured questionnaires, vulnerability scanning and penetration testing.
The issue with these techniques is that they are time-consuming, labor-intensive and inefficient for large data volumes. They struggle to detect complex patterns and contextual nuances, potentially missing subtle indicators of data security risks. These methods also lack scalability and adaptability, becoming outdated as data volumes and complexities increase and security threats evolve.
Foundation models, such as OpenAI's GPT, have the potential to be game-changers here as they are designed to replace task-specific models. “Potential” is the keyword. Concentric AI, a provider of intelligent AI-driven solutions for autonomous data security posture management, is poised to harness that potential with its latest patent.
The patent, titled "A Method and Electronic Device for Generating Semantic Representation of Documents using Large Language Models to Assess Data Security Risk," highlights Concentric (News - Alert) AI's innovative approach in comprehending the context and substance of each data record to fortify and inform data security posture.
The patent delves into the creation of document-level semantic representations through the utilization of LLMs, particularly deep-learning models. These representations, known as embeddings, undergo analysis to determine if a document's security posture aligns with other similar documents and how best to secure it.
Unlike existing tools that primarily rely on metadata such as folder structures, document authors and names to infer potential sensitivity or importance, Concentric AI's approach disregards these superficial factors. Instead, their Semantic Intelligence solution, developed with extensive domain expertise, harnesses advanced deep learning technology to safeguard structured and unstructured data, including email, messages and attachments.
By leveraging the collective knowledge within Concentric AI's extensive dataset and growing community of data owners, their deep learning model can identify and categorize data based on its true meaning and sensitivity.
Concentric AI's DSPM solution goes beyond traditional approaches by scanning an organization's data, detecting sensitive or business-critical content, and assigning the most appropriate classification category through automatic tagging. Unlike conventional methods that rely on endless regular expression rules or potentially inaccurate user labeling, Concentric AI employs AI-driven algorithms to enhance discovery and classification accuracy and efficiency.
Additionally, their solution autonomously monitors and identifies risks related to financial and other data, such as inappropriate permissions, erroneous entitlements, risky sharing practices and unauthorized access. It can proactively remediate permissions and sharing issues automatically or collaborate with other security solutions and cloud APIs to swiftly and consistently protect exposed data.
“Our newly patented method furthers Concentric AI’s market lead by enabling our solution to understand the context and content of customers’ data better than competing solutions,” said Karthik Krishnan, founder and CEO, Concentric AI. “Being granted this patent validates our unique method of discovering and categorizing sensitive data and shows that our technology backs up our messaging. We have an innovative product with a great engineering team that has now been validated, recognizing our pioneering efforts as we continue to innovate and lead the market with our category-defining product.”
With this patent, Concentric AI provides organizations with a comprehensive data security solution that harnesses the power of deep learning and semantic understanding to mitigate risks and safeguard sensitive information in an ever-evolving threat landscape.
Edited by Greg Tavarez