Once again, Concentric notched another industry award win with BIG's AI Excellence Award for 2021. This time it's for our patented Risk Distance™ technology and our ability to automate risk assessment in a zero trust security model. Here are a few excerpts from the submission.
BIG: Can you give us a brief summary of your entry?
We’re pleased to submit Concentric’s Risk Distance™ analysis technology as a candidate for the AI Excellence Award. Risk Distance is the AI-powered engine behind our Semantic Intelligence™ solution for data access governance and risk management. Our customers use the solution to meet privacy regulations governing personal information, prevent inappropriate data sharing with internal and external users, automate risk mitigation tasks and prevent data loss. We protect both structured and unstructured data, on-premises and in the cloud.
BIG: Why did you create Risk Distance?
Semantic Intelligence – and the Risk Distance technology powering it – are a response to a data governance and risk challenge that security professionals have struggled with for decades. Here’s the problem: an organization’s knowledge workers – their lawyers, accountants, marketing professionals and engineers – create and manage enormous volumes of business-critical information. They also make most of the security decisions for that data. How these files are shared, stored and used is completely up to them.
That’s a data security nightmare. With the democratization of file sharing and pervasive work-from-home practices, the risks have only gotten worse. In response, data governance professionals try to manage risk using limited-access folders, end-user document tagging, and rule/policy-based file scanning. It hasn’t worked.
Semantic Intelligence produces a categorized, risk-oriented view of all business-critical information maintained by an organization. We surface risk hidden deep within the millions of files managed by a typical organization, and then we help remediate issues with a portfolio of automated tools that can classify, move, delete or re-permission files under the supervision of a human risk analyst.
BIG: Describe what makes this approach unique.
Concentric developed Risk Distance based on the insight that content creators are content experts, and the way they mark, store, share and use files reveals implicit security policies. Risk Distance uses natural language processing to find and categorize data, making it possible to spot outlier files that aren’t being managed like their peers.
If you’re familiar with NLP, you know it’s an effective unsupervised technology for finding clusters of similar content. Concentric extends NLP with three key innovations that tailor our solution to the data access governance and risk management task. Here’s what we’ve done:
- Perform a business criticality assessment on each cluster. Our research shows an average organization manages about 11M active files. Of those files, only 10% of them are business critical. By reducing monitored files by an order of magnitude, we dramatically lower the odds that alert fatigue will lead a security analyst to overlook critical security issues.
- Add autonomous risk assessment to business-critical files. This is the heart of our Risk Distance analysis. We use peer files in a cluster to establish a security baseline. That baseline makes it possible to spot anomalous files that represent a security risk – without needing rules or policies. Essentially, the content owners themselves are defining security policy through their collective data management decisions.
- Add a centralized model repository, coupled with a model curation service, that deploys NLP models (created by Concentric and our customers) at the point of use. This ensures each customer has access to the best models available.
There you have it! I'm incredibly proud of the team and the amazing solution they've brought to market. Want to learn more? Schedule a demo today! And don't forget to subscribe for news and views on the security market from Concentric.