In this interview, Eric Andrews, VP of Marketing at Securiti.ai, sits down with Website Planet
to discuss the growth and changes the company has undergone over the years.
Please present Securiti.ai to our audience.
’s Unified Data Controls platform was created to address the challenges businesses face with obligations around data security, privacy, governance, and compliance across on-premise, hybrid and multi-cloud environments. Its flagship product – DataControls Cloud™ – establishes a layer of unified data intelligence and controls powered by AI.
Our main goal is to enable enterprises globally to harness the power of the cloud and their data safely
by helping control the complexity and increasing risks around this data.
What’s Your Story? What sparked the idea, and how has it evolved so far?
Securiti.ai was formed with a team of executives and technologists from Symantec, Elastica, Bluecoat and Cisco in 2018. The team had extensive experience with cloud security and DLP in large scale environments, and had been pioneers in the Cloud Access Security Broker (CASB) market. As California passed the first significant U.S.-based privacy regulation, CCPA, it was obvious that most companies were ill-prepared to efficiently address these requirements.
Privacy compliance had traditionally been a manual process with spreadsheets and checklists, and companies lacked granular insights into what personal data they had, which is needed to honor privacy rights. By integrating sensitive data intelligence at scale, along with automated policies and workflows, Securiti pioneered the concept of PrivacyOps
– a modern approach to accurately address these data privacy requirements.
But it is not just privacy – the ability to gather granular insights into sensitive and personal data across an organization’s data landscape has proved useful for a wide range of use cases around data security, privacy, governance and compliance.
Based on this premise, Securiti has driven the concept of Unified Data Controls. Rather than relying on a variety of disparate tools across organizational silos, Securiti’s DataControls Cloud™ acts as a central data command center that simplifies and streamlines an organization’s ability to meet their data obligations
The goal of DataControls Cloud™ is to embed automated controls into an organization’s hybrid cloud infrastructure so that they can safely harness the power of data. This includes structured and unstructured data across SaaS applications like Box or Salesforce, cloud instructure providers like AWS, Microsoft and Google, data clouds like Snowflake or Databricks, or private cloud environments.
Thanks to recent funding rounds, we have been pushing the envelope to help large, global enterprises innovate with data at scale.
What services and products do you offer?
Our core offering is our DataControls Cloud™
, one cloud for complete intelligence and controls across all clouds. DataControls Cloud contains many modules that can be leveraged to address various use cases including:
- Identifying all native and non-native data systems
- Discovering and classifying all the sensitive and personal data within these systems
- Monitoring and controlling access to sensitive data
- Track potential cross border transfer or data sovereignty issues by monitoring the location of data, the location of users of that data and the appropriate regulations that apply to that jurisdiction
- Automating data mapping, privacy assessments and other privacy obligations based on personal information
- Automating individual privacy rights, including Data Subject Requests
- Analyzing the precise impact of a data breach before or after an incident, and automate responses
- Monitoring data risk considering factors such as data type, data location, data subject’s residency, and volume of data.
By providing unified intelligence and controls for data across public clouds, data clouds and SaaS, enterprises can overcome the challenges of hyperscale data environments and meet compliance obligations pertaining to data
. Our platform minimizes the cost and eliminates the complexity of using disconnected tools across organizational silos that are not typically designed for hyperscale multi-cloud environments.
What is the mission of Securiti.ai?
Addressing data obligations has become increasingly challenging for many reasons:
Securiti’s mission is to help businesses safely harness the full potential of their data
- The exponential rise of data
- The migration to complex multi-cloud environments
- The rapidly evolving regulatory landscape
by providing automated solutions that address their data obligations amidst this increasingly complex landscape.
Who are your typical customers, and what is the main challenge that you solve for them?
Our typical customers are businesses that deal with significant volumes of sensitive data – we mean hundreds of terabytes of data that just keep growing. Particularly, we cater to enterprises in highly-regulated industries such as finance, healthcare, pharmaceutical, retail and technology.
Understanding where data is stored, how it’s obtained, if it’s compliant and how safe it is is becoming difficult due to the sheer volume of data, regulations and tools organizations need to manage. The variety of architectures, applications (both legacy and new) and the highly distributed nature of enterprises today add to this difficulty by generating more silos that open the door to breaches as well as time and money-consuming tasks for managing business and consumer data.
Securiti.ai solves these challenges by offering a solution that breaks the historic silos between security, privacy, governance and compliance arms of data management in one consolidated platform
What tools are in your techstack, and how do you benefit from them?
Our DataControls Cloud™ full-stack solution allows for dark data systems discovery, sensitive data discovery, data cataloging, data security posture management, access intelligence & controls, detection of sensitive data in motion, breach impact analysis & response, data risk monitoring, individual privacy rights automation, data privacy obligations automation and workflow and controls automation.
By leveraging DataControls Cloud™, users are able to automatically stay up-to-speed on the full breadth of security, privacy, governance and compliance, as well as eliminate the need for third-party data management
. With the ability to automatically set up policies to manage access to data depending on the kind, sensitivity, system, location or regulation, the platform delivers real-time visibility through common AI-based data intelligence.
Customers now have access to a streamlined approach that makes it simple to locate, comprehend, trust, and access the data they require. This is made possible by streamlining data governance and security activities.
How do you envision the future of your industry? How is the role of AI in cybersecurity going to evolve?
AI is undergoing a revolution as large language models and generative AI are achieving capabilities never seen before, and they are expected to have a significant impact on cybersecurity.
We should first see the greater availability of productivity-enhancing natural language understanding (NLU) interfaces. NLU interfaces can expand a cybersecurity product’s capabilities while simplifying it
– two characteristics typically traded off.
For instance, InfoSec teams will use NLU interfaces to rapidly retrieve information and set policies that would otherwise require drafting complex queries and configuration files.
High-quality NLU systems will even accurately carry out complex requests for new or unfamiliar systems. In a time-sensitive scenario, such as a data breach, such interfaces may prove to be very valuable.
InfoSec teams will have an improved understanding of the data in their systems. Currently, data classification is limited to predetermined taxonomies. The taxonomies can be expanded, but only through explicit construction using machine learning on labeled data or rule sets.
In contrast, generative LLMs pre-trained on vast volumes of unstructured data
hold a variety of real-world information outside pre-determined taxonomies that can be used to broaden data classification without explicit training. This is called “zero-shot or few-shot learning”. If a small amount of representative training data is available, fine tuning can be considered for improved alignment with company data.
AI also has the potential to boost proactive data security
. “All companies are data companies,” but to deliver value, data teams need access to high-quality data.
There was once a time where data teams would use production data for their work, but that came at the expense of data privacy and security.
Generative AI is beginning to break this barrier.
It can generate high-quality synthetic data because it is able to infer the semantics
of real-world data. For example, a large language model (e.g., GPT) may ideate entirely novel location, demographic, and purchase data that feels like it came from the purchase history dataset it was developed from.
Armed with Generative AI, practitioners can now have the best of both high-quality data and data security
. We should eventually see the use of high-quality synthetic data for experimental data work as standard practice in enterprises, especially differentially-private synthetic data.
Lastly, what are your plans for the company for the near future?
Securiti.ai recently announced that Capital One Ventures and Citi Ventures have invested in the company
. This investment, which comes on the heels of a $75 million Series C funding round in October 2022, will bolster DataControls Cloud™ as well as assist in hastening the adoption of a centralized data command center for the hyperscale cloud systems of today.
We are continuing to work closely with some of the largest companies in the world as they adopt this new paradigm and fully leverage the benefits of a unified data controls framework. We are also working closely with major partners, including cloud service providers and global systems integrators, to accelerate the broad adoption of this powerful new framework.
The entire industry is being revolutionized by the integration of data intelligence and controls across security, privacy, governance and compliance, which enables enterprises to retire old and disjointed systems that increase cost and complexity.