Chorology Launches AI-Based to Auto-Detect and Classify Sensitive Data at Scale

Mandate-Agnostic AI Data Compliance and DSPM Technology Breaks Compliance Barriers and Future-Proofs Enterprises for Emerging Regulations

CHOROLOGY.ai, an innovator in AI-based compliance and security posture management, today uncovered the AI innovations behind its Compliance and Security Posture Enforcement Platform (CAPE) to reveal Compliance and DSPM industry-firsts in artificial intelligence. Powered by a confluence of three core AI technology sub-fields, Chorology’s Automated Compliance Engine (ACE) is built on AI-based Knowledge Encoding, a powerful new Domain Language Model (DLM) Paradigm, and AI Planning Automation. These patented technologies coalesce, providing the first and only mandate-agnostic solution to deliver a complete view of ALL sensitive enterprise data (known and unknown) throughout structured and unstructured environments.

Also Read: GenAI Powered Copilots: How They Work

Several compliance and security challenges continue to pose major risks to organizations, making technology that accurately identifies, contextualizes and classifies data essential. Most organizations are still incapable of discovering and classifying unknown sensitive data in unstructured content repositories, which comprises 70% to 80% of enterprise data today. Regulatory mandates are constantly changing and expanding, as worldwide enterprise data volumes and data sprawl continue to rise exponentially with forecasts at 181 Zettabytes by 2025.(1) In addition, CISOs, CIOs and CTOs are investing in new forms of AI (such as LLMs) to transform business processes. This use of AI/ML heavily relies on the secure exchange of data at rest and en route, creating even more of a need to know and protect sensitive data.

A related and still unsolved compliance challenge is efficiently responding to consumers’ Data Subject Access Requests (DSARs). To illustrate, the California Consumer Privacy Act (CCPA) and EU’s GDPR both say that consumers have the right to make requests to businesses about the personal information collected, the commercial purpose for collecting their information, the third parties to whom the business discloses said information, and the specific pieces of information collected. The CCPA provides a 45-day window to respond to a consumer’s data request and only 30 days under GDPR. Failure to respond to consumer DSARs can leave organizations open to a higher level of administrative fines and financial risk under the GDPR: £17.5 million or up to 4% of annual global turnover – whichever is greater.(2)

Last, the volume of DSARs is only growing, increasing the need for DSAR automation. According to Statista, “In 2023, 28 percent of internet users worldwide stated having exercised their DSAR rights, up from 24 percent in 2022 resulting in rising requests submitted to companies that collect and keep user data.”(3)

Chorology’s patented compliance automation engine is the first of its kind to employ the core AI technology principles of knowledge encoding and planning automation, without the need for machine learning. This powerful combination empowers ACE with the industry’s first intelligent data compliance and DSPM framework that uniquely frames enterprise data under management as knowledge objects. With this AI framing, very large repositories of sensitive data can be discovered, identified and classified at ultra-high speed and scale. These advancements also enable automated processing of high-enterprise-risk DSARs which can number in the tens of thousands per month – driving massive savings in time and penalty avoidance.

Also Read: AiThority Interview with Jie Yang, Co-founder and CTO of Cybever

By structuring compliance knowledge objects, a practitioner in any industry is now able to apply powerful compliance and governance automation, including automated data mapping, risk assessment and DSPM – in ways that are many times more effective and efficient. At today’s rising data volume and sprawl rates, the field of automated sensitive data discovery, compliance and security requires highly precise data discovery and classification to generate reliably accurate data risk assessments. By encoding knowledge objects for each data type, CAPE can accurately recognize any data type, for any mandate, in any industry, without any costly ML training. The important implication is that these automated compliance and DSPM processes are based on deterministic frame-based structured AI knowledge representation, which is much faster and more accurate than inefficient, probabilistic-based machine learning AI methods.

Chorology’s Automated Compliance Engine, the AI technology core behind CAPE, is mandate-agnostic and scalable with underlying technologies that make it capable of being extended to future mandates while deprecating system requirements for current mandates. This model reduces the cost of enterprise data compliance and helps expand margins of organizations whose revenue heavily relies on data, by avoiding multiple repository passes or the need for software agents on every repository. This allows organizations to use a single compliance platform with streamlined discovery, requiring only one comprehensive scan of the data across all repositories.

“Built on a groundbreaking knowledge-based AI paradigm, Chorology’s intelligently automated compliance engine now makes it possible to automatically discover all known and unknown sensitive data throughout the enterprise’s data universe, where compliance policies can then be automatically applied.” said Tarique Mustafa, CEO/CTO and Founder of Chorology.ai. “Our mandate-adaptive technology uniquely applies knowledge representation and inference encoding disciplines into the artificial intelligence and language understanding to very accurately discover, identify, classify and map data at scale, which has not been possible previously.”

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]