As the uses of artificial intelligence expand widely across industries, the fields of data security and risk management are emerging sources of innovation.
Data discovery and classification provider BigID recently launched BigAI, which applies a new language learning model that scans and categorizes organizations' data by leveraging AI to improve data classification, while optimizing data security and risk management as an additional service for BigID customers.
BigID Chief Marketing Officer Sarah Hospelhorn said, with generative AI becoming a hot button topic in both the technology industry as well as among the public through apps such as ChatGPT, BigAI is the company's next progression in utilizing AI technologies to help companies wrap their figurative arms around disparate bits of unstructured stored data that may contain personal information.
"BigAI is a platform, and the foundation of the platform is all about discovery and classification and understanding what data you have, regardless of where it is," Hospelhorn said. "That data could be on premises, in the cloud — it could be structured data, it could be unstructured data, like a Microsoft Word or Excel file. That foundational layer is going to pull everything into a data map or a data inventory and give customers a better sense of what they have."
What makes BigAI revolutionary, Hospelhorn said, is the privacy-by-design elements undertaken in its development. She said, generally, language-learning models pose some risk when queried and can "leak" information.
Hospelhorn said customers previously sought out BigID to "flag and tag" unstructured data their companies collect. She said customers using BigID to classify their data will now be able to train BigAI's LLM on more comprehensively inventoried data to better prevent inadvertent releases when processing.
"Both the product can use LLMs, but also we can help organizations use LLMs responsibly by understanding what's inside (their data)," Hospelhorn said. "There's more interest in being able to govern your data, and being able to fulfill and understand everything from the data lifecycle. You have to fully understand what (data you possess) in order to know how to protect it the most."
One BigAI feature will be the introduction of a chatbot to assist customers, Hospelhorn said. The chatbot is trained on all of BigID's resources, such as white papers, to inform customers on a range of topics. For instance, she said the topics could be as broad as aligning with the U.S. National Institute for Standards and Technology AI Risk Management Framework or as narrow as customizing consent options in a privacy portal.
"Customers will be able to align more consistently with what you need to do for compliance; whether that's for data retention, data minimization, a cloud migration," Hospelhorn said. "It's really combining all of this collective intelligence to do things more efficiently."
Hospelhorn said BigAI allows companies to see their data inventory more holistically, instead of siloed in separate buckets of privacy, risk mitigation, security and governance.
"You need things that can not only give you that granular view into what data you have, but really automate everything so that you don't have somebody trying to do everything manually, because it doesn't scale," Hospelhorn said. "It's not just data privacy, but you have to look at it from a risk perspective, you have to look at it from a security perspective, you have to look at it from a governance perspective and have a unified view of your data in order to move things forward."
Hospelhorn said the BigAI technology is flexible and customizable so organizations can adapt to forthcoming global AI regulations, such as the EU AI Act. She said the product's ability to be adaptable to current and future regulations allows companies to make their data governance proactive to additional jurisdictions' laws to help them strategically plan for scaling operations.
"When governments introduce more laws and regulations, we've created hundreds of out-of-the-box policies and classifiers, but customers can make their decisions and say what data matters most to them," Hospelhorn said. "Oftentimes, our customers take the stance that since they have to be compliant with a specific state or country's regulations, they'll want to be able to do that globally. We know privacy can be a real catalyst for making organizations take proactive steps to manage and protect their data in a different way to be successful."