3 min read
My Next Chapter in Innovation Leadership: Pioneering Data Security at Bedrock
Bruno Kurtic : Jul 23, 2024 6:05:18 AM
After thirteen years of bringing Sumo Logic from inception to public company, I took a year off. The timing for reflection was perfect, as advances in Generative AI (GenAI) created opportunities to solve previously unsolvable problems or solve existing problems much more effectively. As I unplugged, traveled, learned, and engaged with more than 100 technologists working across Generative AI, security and operations, I wrote multiple business plans.
It became clear to me that data security was the main blocker for enterprises trying to innovate faster, move to the cloud, and adopt new technologies like LLMs. Bedrock, a company I was already advising, was focused on data security at scale. I realized that it was at Bedrock that I could make the most impact, and I joined the team as co-founder & CEO.
Data Security Is An Unmet And Growing Need
Enterprise security fundamentally exists to protect data. However, most enterprise security has focused on infrastructure, users, and workloads, because that’s what the available technologies and techniques allow. To secure data, you first need to know where it is (discovery), then know what it is (classification), and only then can you start securing it with additional business and usage context (entitlements, risk assessment, governance, threat detection, and more). We’ve seen how difficult data security is as evident from recent publicly reported incidents involving AT&T, Ticketmaster, Lending Tree, Advance Auto Parts, Neiman Marcus, and 160 others that resulted in massive data breaches.
Why Is Securing Data So Hard?
On top of mountains of legacy enterprise data and documents, development teams generate vast amounts of new digital exhaust data in the cloud while building digital applications, services, and customer experiences. This results in an exponential growth rate comparable to Moore’s Law. In addition, this data is mostly unstructured or semi-structured and rapidly changes due to the fast pace of agile development.
Digital businesses run on data, and often data is part of the product, making data in high demand by many parts of a digital business, including GenAI, BI, development, and other initiatives. Consequently, enterprises accumulate massive amounts of data in Amazon S3, Google Cloud Storage, Azure Blob, Snowflake and the like, with broadly provisioned access by humans, services, and AI/ML models.
While data and infrastructure sprawl continues at an exponential rate, security budgets and teams grow at a linear rate. This results in a widening gap between the resources we spend on security and the surface area that needs to be secured. Spending those resources wisely requires ruthless prioritization and focus on data most impactful to the business. But if you don’t know where your data is or what is sensitive, your only choice is to spread your efforts ever thinner, until a breach happens. At that point you either get more resources or you get fired.
Bedrock Has Built The Answer
For security teams and other data consumers, the first question is, “Where is our data?” We built Bedrock to answer this question at an order of magnitude faster and at an order of magnitude lower cost than today’s solutions. We have developed a patented, hyper-parallelized approach that does not require agents, containers, clusters, instances, or appliances that have to be managed. This ensures speed, lower OpEx, and resilience to protect the business without impacting business operations.
Once data is found, the next question is “What’s in the data and how sensitive is it?” Current attempts to classify data mostly use rules or upstream tagging. This rules-based approach (as with DLP, SIEM, and other rules-based solutions) for data classification is rigid and scoped to atomic values that constantly need tuning. Tagging relies on human process and is, at best, sporadic. I have personally experienced this and seen my customers struggle with rules and tagging at Sumo Logic. We built Bedrock so that our customers won’t have this problem.
At Bedrock, we apply an AI based approach for classification, topic, and sensitivity detection. Our model is a derivative of the GenAI approach that is able to examine the content of data, extract topics, determine sensitivity, derive data lineage, and automatically improve over time. This can be done with no data leaving the customer environment -- ensuring we do not introduce another data exposure vector.
Once the Where and What of the data is established (the foundation), security teams can assess risk and prioritize their efforts to ensure sensitive data is secure.This foundation is required for many security use cases including data security posture management (DSPM), data governance, threat detection and response, intellectual property (IP) tracking, and many more.
Bedrock has built this solid foundation and on top of which is a streamlined data management and security platform. Our platform incorporates and synthesizes information about entitlements, service access, vulnerabilities, anomalies, and lineage, in order to give security and data teams a way to prioritize their efforts.
Bedrock Team
As I begin our journey to build the next data management and security platform, I am delighted to be partnering with a team of thought leaders.
Pranava Adduri and Ganesha Shanmuganathan bring extensive technical backgrounds in data protection at a petabyte scale. I bring the real-time big data and security expertise from building data management, DevSecOps, and SIEM technologies at Sumo Logic, Sensage, and webMethods. Together with the rest of the Bedrock team, we have the talent and experience to put data at the center of security strategy for the enterprise. That is exactly where data should be.
These are exciting early days for Bedrock Security. I’m humbled and inspired by the opportunity to lead this pioneering company in the data security space. We are excited to help our customers with DSPM, IP Tracking, and control of data for GenAI initiatives such as training LLMs, RAG, copilots, agents, and more. Stay tuned for what comes next!
Bedrock will be meeting security leaders at the Black Hat security conference, August 6-8 in Las Vegas. Please reach out to me to schedule a meeting. I would be delighted to discuss my vision for how Bedrock can accelerate your data security program.