“Organizations like Teleran are now developing more sophisticated artificial intelligence-based learning engines that predictively identify and stop malicious information requests or patterns of requests automatically.”
Market for targeted GRC tools includes analytics, AI
As the governance, risk and compliance market changes, organizations can pass on the full-blown GRC suite and instead choose a tool that targets a specific issue. A number of vendors are offering these targeted GRC tools. Leading the way are those that have developed various offerings, including analytics tools, cognitive systems, event management tools and discovery software to collect data from disparate systems and automate decision-making.
Smarter GRC tools need integration, automation
Many system-level GRC tools weren’t designed to audit and control all transactions and, therefore, require a significant amount of manual configuration and ongoing administration, said Chris Doolittle, principal consultant for Teleran Technologies Inc., a provider of real-time business intelligence for application performance and compliance policy management, based in Fairfield, N.J.
To keep up with escalating sensitive data volumes and IT complexity, organizations need to take advantage of automation and true machine learning, beyond analytics, that audit, identify suspicious or subtle issues, and automatically control unwanted or pernicious user behaviors, according to Doolittle.
Some data protection systems are now developing more sophisticated artificial intelligence-based learning engines that predictively identify and stop malicious information requests or patterns of requests automatically.
Integrating the machine learning process with actual access policy generation is a critical automation step that minimizes the time-consuming process of a security specialist interpreting behaviors from logs or reports, and then having to create the appropriate control policy that will prevent that behavior or similar behaviors, Doolittle said.
“This integration and automation speeds effective policy generation, automatically keeps up with changing data usage patterns, and improves control policy accuracy and effectiveness,” he said. “Teleran’s data protection software delivers network-based auditing of sensitive data in the context of the business and applications in use.”