Mandate-Agnostic AI Data Compliance and DSPM Technology Breaks Compliance Industry Barriers and Future-Proofs Enterprises for Emerging Regulations
SAN JOSE, Calif. – October 28, 2024 – CHOROLOGY.ai, an innovator in AI-based compliance and security posture management, today uncovered the AI innovations behind its Compliance and Posture Enforcement (CAPE) Platform to reveal Compliance and DSPM industry-firsts in artificial intelligence. Powered by a confluence of three core AI technology sub-fields, Chorology’s Automated Compliance Engine (ACE) is built on AI-based Knowledge Encoding, a powerful new Domain Language Model (DLM) Paradigm, and AI Planning Automation. These patented technologies coalesce, providing the first and only mandate-agnostic solution to deliver a complete view of ALL sensitive enterprise data (known and unknown) throughout structured and unstructured environments.
Several compliance and security challenges continue to pose major risks to organizations making technology that accurately identifies, contextualizes and classifies data a must-have. Most organizations are incapable of discovering and classifying unknown sensitive data in unstructured repositories. Regulatory mandates are constantly changing and expanding, as worldwide enterprise data volumes and data sprawl continue to rise exponentially with forecasts at 181 Zettabytes by 2025.[1] In addition, CISOs, CIOs and CTOs are investing in new forms of AI (such as LLMs) to transform business processes. This use of AI/ML heavily relies on the secure exchange of data at rest and enroute creating even more need to know and protect sensitive data.
A related and still unsolved compliance challenge is efficiently responding to consumers’ Data Subject Access Requests (DSARs). To illustrate, the California Consumer Privacy Act (CCPA) and EU’s GDPR both say that consumers have the right to make requests to businesses about the personal information collected, the commercial purpose for collecting their information, the third parties to whom the business discloses said information, and the specific pieces of information collected. The CCPA provides a 45-day window to respond to a consumer’s data request and only 30 days under GDPR. Failure to respond to consumer DSARs can leave organizations open to a higher level of administrative fines and financial risk under the GDPR: £17.5 million or up to 4% of annual global turnover – whichever is greater.[2]
Last, the volume of DSARs is only growing, increasing the need for DSAR automation. According to Statista, “In 2023, 28 percent of internet users worldwide stated having exercised their DSAR rights, up from 24 percent in 2022 resulting in rising requests submitted to companies that collect and keep user data.”
Chorology’s patented compliance automation engine is the first of its kind to employ the core AI technology principles of knowledge encoding and planning automation, without the need for machine learning. This powerful combination empowers ACE with the industry’s first intelligent data compliance and DSPM framework that uniquely frames enterprise data under management as knowledge objects. With this AI framing, very large repositories of sensitive data can be discovered, identified and classified at ultra-high speed and scale. These advancements also enable automated processing of DSARs which can number in the tens of thousands per month, with massive savings in time and penalty avoidance.
By structuring compliance knowledge objects, a practitioner in any industry is now able to apply powerful compliance and governance automation including automated data mapping, risk assessment and DSPM – in ways that are many times more effective and efficient. At today’s rising data volume and sprawl, the field of sensitive data discovery, compliance and security requires highly precise data discovery and classification to generate reliably accurate data risk assessments. The important implication is that these automated compliance and DSPM processes are based on deterministic frame-based AI structured knowledge, which is much faster and more accurate than inefficient, probabilistic-based machine learning AI methods.
Chorology’s Automated Compliance Engine, the AI technology core behind CAPE, is mandate-agnostic and scalable with underlying technologies that make it capable of being extended to future mandates while deprecating system requirements for current mandates. This model reduces the cost of enterprise data compliance and helps expand margins of organizations whose revenue heavily relies on data, by avoiding multiple repository passes or the need for software agents on every repository. This allows organizations to use a single compliance platform with streamlined discovery, requiring only one comprehensive scan of the data across all repositories.
“Built on a groundbreaking knowledge-based paradigm, Chorology’s intelligently automated compliance engine now makes it possible to automatically discover all known and unknown sensitive data throughout the enterprise’s data universe, where compliance policies can then be automatically applied.” said Tarique Mustafa, CEO/CTO and Founder of Chorology.ai. “Our mandate-adaptive technology uniquely applies knowledge representation and inference encoding disciplines into the artificial intelligence and language understanding to very accurately discover, identify, classify and map data at scale which has not been possible previously.”
Additional Resources
- Download the Chorology white papers titled
- Deep AI Powered Platform for Data Discovery, Governance and Compliance Enforcement at https://chorology.ai/resources/
- Separating AI Hype from Reality in Data Compliance https://chorology.ai/resources/
- Learn more about the use cases and customer benefits at https://chorology.ai/solution/
About Chorology, Inc. CHOROLOGY.ai is headquartered in San Jose, Silicon Valley, California with development offices in South Asia. Contact info@chorology.ai, (408) 713-3303, 2001 Gateway Place, Ste: 710 West Tower, San Jose, CA-95110, USA. Learn more by visiting https://www.chorology.ai/
[1] ITC, IDC, Gartner
[2] IT Governance UK