Rehan Jalil is the CEO of Securiti.AI, Venture Advisor at Mayfield Fund and an investor and mentor to many Silicon Valley startups. He was the SVP and GM for Cloud Security at Symantec.
Securiti AI is an enterprise-grade centralized platform that enables the safe use of data and AI – and the pioneer of the Data+AI Command Center. Companies rely on Securiti for their data security, privacy, governance and compliance. Securiti has been recognized with numerous industry and analyst awards, and most recently was acknowledged by Gartner Peer Insights as Customers’ Choice for DSPM, and by GigaOm as the top-rated vendor for DSPM.
Can you elaborate on the vision behind Securiti AI’s Data Command Center and how it differentiates from other data management platforms in the market?
Our vision with the Data Command Center is straightforward: we aim to empower organizations to fully leverage their data assets without compromising privacy, security or compliance. This is achieved by automatically scanning an organization’s data landscape (SaaS, IaaS, cloud data lakes and warehouses, etc.) and getting granular insights into all the sensitive information and AI systems. These insights, captured in a unique real-time knowledge graph, are used to enforce privacy and security controls and ensure compliance with global data regulations. This platform is particularly valuable in developing modern generative AI systems, which feed on data – especially unstructured data. Historically, organizations have relied on a series of fragmented tools to address their data obligations, which has been costly and complex. Securiti’s unified platform increases efficiency, reduces costs, mitigates risks and enables the safe use of data and AI.
What were the key challenges you faced while launching Securiti in 2019, and how did your experience at Symantec shape your approach?
One of the challenges we faced launching Securiti was running into the Covid epidemic just six months after launching the company. In the early days of launching a company, gaining customers and early revenue is key. We had a lot of momentum, including early customer traction and winning the RSAC 2020 Most Innovative Startup. A week after we won the RSA accolade, the world shut down and we entered an uncertain economic climate. Through my experience with Symantec and previous companies, I was very familiar with working with the largest global organizations on their complex security needs. As a team, we have also been through economic downturns in the past. This experience gave us the confidence to stick to our strategy, continue to invest in solving real problems large enterprise organizations face, and patiently wait for the markets to return to a more normal state.
How does Securiti AI ensure the security of sensitive data across hybrid multicloud environments?
Securing sensitive data across complex hybrid multicloud environments demands a holistic approach. Securiti uses advanced technology to automatically discover and classify data across an organization’s entire data landscape, such as SaaS, IaaS, data lakes, warehouses, and on-premises systems including both structured and unstructured data. Securiti further enriches this information with deep contextual insights building a real-time knowledge graph, including whom the data belongs to, access entitlements, what regulations apply, where the data is located and more. This foundation is critical for automating precise controls to safeguard sensitive information and comply with relevant regulations. For example, the platform automates privacy obligations such as data mapping, data subject rights requests and assessments. It also addresses data security obligations such as data access intelligence and governance, data security posture management, data minimization and breach management. Of keen interest currently is governing unstructured data and the safe development of AI systems, including identifying shadow AI, ensuring sensitive data is not feeding AI models, cataloging and monitoring risks of AI systems, and enforcing controls with LLM firewalls to protect AI systems from misuse or abuse. Our Data Command Center provides unparalleled visibility and control enabling the safe use of data and AI.
With the increasing complexity of data privacy regulations, how does Securiti AI help organizations stay compliant and manage privacy obligations effectively?
Navigating the complex web of data privacy regulations can be daunting. New legislation is coming at a rapid pace – like the EU AI Act, the White House AI Executive Order and California Bill 1047 hitting within a matter of months. Enterprises have new requirements to consider daily, while also adhering to frameworks such as NIST’s AI Risk Management and Singapore’s Model AI Governance. Securiti has a dedicated research team that stays abreast of all the latest regulations and builds this knowledge into our Data Command Center. This provides organizations with real-time context to highlight potential risks along with built-in templates to automate compliance with the latest regulations. Securiti’s Data Command Center automates many of the most time-consuming and complicated tasks associated with privacy compliance including data mapping, privacy impact assessments, data subject rights requests, cross-border transfers, breach management and consent management.
Can you discuss the role of AI in Securiti’s platform and how it enhances data security and governance?
Securiti uses advanced techniques harnessing AI and ML to provide increased accuracy in data discovery and classification. These techniques significantly reduce false positives, and augment detection of sensitive content in challenging datasets like unstructured data, images and video. In addition to leveraging AI in the platform, Securiti’s Data Command Center is also critical to helping organizations govern and manage their AI ecosystems. Part of this includes securely processing large unstructured and structured datasets while making sure that sensitive or incorrect information is not fueling AI models. Additionally, there’s a huge call to safeguard privacy and data access entitlements and protect system-critical AI models from things like prompt injection and data exfiltration. Putting comprehensive controls and guardrails in place around AI systems enables organizations to embrace innovation safely.
How does Securiti’s LLM Firewall work, and what benefits does it offer in securing GenAI applications?
Our context-aware LLM Firewall has become a key building block in our security stack. For a brief overview, the LLM firewall is equipped with advanced language processing capabilities, meaning it understands user prompts in multiple languages, analyzes multimedia content, and provides robust protection against a variety of threats like data leakage, prompt injections and harmful content. Securiti’s LLM Firewalls are unique, in that they are context aware – having real-time understanding of sensitive content and the context around data, such as access entitlements – providing continuous monitoring and protection based on real-time insights into the data landscape. Securiti’s firewalls are also unique in that they inspect three different points in the AI pipeline, including prompt firewall (between the user prompt and the LLM model, protecting against malicious attacks), the retrieval firewall (between the LLM model and the vector data base, monitoring what data is being fetched for the response) and the response firewall (between the LLM model and the user prompt, ensuring appropriate responses are being issued based on corporate policies). These provide comprehensive real-time controls to safeguard AI systems. All these interactions require real-time inspection to identify external attacks, malicious actors, and even user errors.
Can you provide examples of how global companies are leveraging Securiti’s Data Command Center to break silos and achieve unified data intelligence?
As an example, A Fortune 500 company we worked with had complex requirements across data privacy, data security and data governance. We engaged with key members of these teams at the highest levels, including their CPO, CDO and CISO. They complained about having dozens of fragmented tools in order to try and obtain the data governance they required – and these tools often had inconsistent views of their data. Stitching these systems together to meet their obligations on their data was also complex and costly. They were eager to harness our solution to get a “single source of truth” about their data landscape that could be used by the various teams, eliminating inconsistencies and streamlining operations between the groups (e.g., handling cross border transfers or data breaches, which require input from multiple teams). The unified platform improved operational efficiency, reduced complex integration costs and ensured all teams were working from the same set of data mitigating liability and risks.
Given your extensive background in security, what trends do you see emerging in data security and governance?
Organizations are struggling with a complex array of products to address their data security and governance requirements. One clear trend is the emergence of unified platforms that help reduce costs and complexity and facilitate inter-departmental coordination. Another trend is increased use of AI and automation within these solutions to help scale to address the explosion of data across hybrid multicloud and the complex array of data regulations. Legacy data discovery and DLP solutions are no longer meeting these needs. Finally, the biggest trend of all is the rapid growth in the use of AI, in particular generative AI. While everyone is familiar with consumer AI solutions, such as Chat GPT, the more compelling use case is enterprise AI solutions that can really drive innovation and competitive advantage. To successfully build enterprise grade AI systems, organizations will need comprehensive controls and data governance solutions to embed appropriate guardrails. Successful organizations will be driving hard to build innovative AI solutions, which in turn will create the need for new AI security and governance solutions.
How do you think organizations should prepare for the challenges and opportunities presented by the increasing use of AI in data management?
The explosion of AI is exciting, but businesses must prioritize responsible implementation to avoid AI becoming a financial or reputational liability. By prioritizing trustworthy AI practices, companies – and their customers – can expect a high level of transparency, control risks, and reputational trust. This means taking control of your AI landscape, evaluating models for bias and security, continuous monitoring, and ensuring ethical data handling. AI should work for you, not against you.
How does Securiti AI integrate automation in managing data security and privacy, and what advantages does this automation bring to businesses in terms of efficiency and compliance?
Securiti AI is built on a foundation of automation, driving efficiency and reducing the risk of human error. By automating tasks like data discovery, classification, and compliance assessments, we free up security and privacy teams to focus on strategic initiatives. Our automation capabilities extend to incident response, threat detection, and remediation – so our customers can react swiftly to security incidents. Additionally, automation plays a crucial role in ensuring compliance with evolving regulations. By streamlining compliance processes, we help organizations reduce costs, minimize risks, and demonstrate their commitment to data protection.
Thank you for the great interview, readers who wish to learn more should visit Securiti AI.