In any organization there is overlooked information that is never noticed and no one ever thinks about. It includes, among other things, information captured in an image archive or document management repository, or it could be data housed in ERP systems, collaborative workflow platforms or any number of line-of-business databases. Things like social security numbers, financial and medical account details, addresses and phone numbers, are all found in these repositories, yet that information can be overlooked or hidden from view; especially as the volume, velocity and variety of information that must be managed continues to grow at unprecedented rates. This information can represent a treasure trove of opportunity for data hackers and cyber-thieves looking to steal sensitive and private data.
So what do you do about it? One good step is to apply Artificial Intelligence to battle cyber-theft. I spoke recently with David Jones, VP of Product Marketing at Nuxeo. Dave is a member of the board of directors at AIIM International and an expert in digital transformation systems and strategies. We discussed innovations in AI and how it can be applied to the issue of cybersecurity.
Dave, we’ve talked about using AI for applications in everyday processes like help desk operations, and for forward-looking applications in business intelligence, but you say that AI is a powerful tool to battle cyber-theft, now so?
When it comes to protecting your data and safeguarding personally identifiable information it is important to “know what you don’t know.” In other words, exactly what content are you holding on to? What does it say? And where is it located?
At Nuxeo we’ve created an AI framework that performs in layers. We examine enterprise content in steps, starting with structured data and documents in image and content management repositories, moving on to unstructured content in business systems, and then progressing to images, audio and video. While some of this content is controlled with strict information governance and retention policies, oftentimes other content falls outside of that purview. It can be extremely difficult, if not impossible, to know what that content is, what it says and what risk it might present to the organization. Our systems are used to dig in and gain that understanding in a way that provides advanced understanding of your enterprise content in terms of risk and exposure.
How does it work? Can you point to a specific model?
One example of this type of content discovery process is to first classify the document types that are present across the enterprise. What are they and where are they? Next, we put another layer of the model on the top that understands the results from that first layer and makes more reasoned judgements on the top of that. Then we put another one on top of that, building up layers that are getting further and further apart at the ends but are all coming from that core nucleus of understanding. You literally ‘layer up’ your discovery.
It seems like every week there is yet another high-profile data security breach, and some of the world’s most tech-savvy companies are falling victim. How can AI help?
Experts tell us that it’s not a matter of if your organization will be hacked, but when, and the chances that your organization will suffer a data breach this year are one in four.
AI provides some important tools to help battle cyber-theft, but it’s really about the policies that you put into place as a result.
For instance, it’s not always about collecting more data…sometimes you need to get rid of data that is no longer providing value but may represent great risk to the organization. AI is a powerful way to discover exactly what information is out there, what it says, and where it’s located. From there, more thoughtful and strategic decisions can be made about the retention of content that matters, the elimination of obsolete and redundant content, and the types of measures and practices that need to be put into place for proper information governance.
This concludes our three-part series of interviews with David Jones, VP of Product Marketing at Nuxeo. Read the other two blogs here:
Kevin Craine is a business writer, technology analyst and award-winning podcast producer. He was named the #1 Enterprise Content Management Influencer to follow on Twitter and has listeners and readers worldwide. Find him at CraineGroup.com
Follow Kevin Craine on Twitter