concentric logo

Concentric AI Included in Gartner’s 2023 Data Security Hype Cycle for Data Security Posture Management (DSPM)

July 25, 2023
Cyrus Tehrani
6 min read

In today’s data-driven business landscape that has fueled massive cloud migration, managing and securing data has risen to the top of the priority list for most organizations.

As such, many companies seek guidance from Gartner’s Data Security Hype Cycle, which provides valuable insights into emerging technologies and trends in the space. The Hype Cycle covers many aspects of data security that security and risk management leaders must review in relation to their risk appetite and where data is stored, processed and accessed.

In this article, we’ll delve into four key Data Security areas: Data Security Posture Management, Data Discovery, Data Classification, and Data Access Governance. We will also highlight how Concentric AI can help organizations in each of these data security functions.

Data Security Posture Management: The Future of Data Security

Data Security Posture Management (DSPM) is a transformational technology that discovers, categorizes, and classifies data across cloud service providers. According to Gartner, as the data an organization must manage rapidly proliferates, “DSPM analyzes data maps and flows to assess who has access to the data, determining the data security posture and exposure to privacy and security risks.”

DSPM is on the cusp of transforming how organizations identify business risks resulting from data residency, privacy, and security risks. It uniquely discovers shadow data, providing critical insights into previously unassessed business risks. As a result, organizations can mitigate these business risks despite the speed, complexity, dynamics, and scale of data deployments.

Think of Data Security Posture Management like a city’s traffic management system, which is designed to ensure smooth and safe transportation for all its residents. Traffic management involves monitoring traffic flow, managing traffic signals, enforcing traffic rules, and planning for future infrastructure needs. Similarly, Data Security Posture Management (DSPM) is designed to ensure the smooth and safe handling of a company’s data. It involves monitoring data flows, managing access controls, enforcing data security policies, and planning for future data security needs.

Just as a traffic management system uses cameras and sensors to monitor traffic in real-time, DSPM uses advanced tools to monitor data usage and access in real-time. This allows for immediate detection and response to any potential issues, such as data breaches or unauthorized access.

Gartner’s Hype Cycle indicates that DSPM is in its embryonic stage, with less than 1% of the target audience adopting it. However, its potential to transform data security makes it a promising area to watch, and Gartner acknowledges that Concentric AI is helping develop the future of the market, especially when it comes to DSPM.

How Concentric AI helps with DSPM

Concentric AI’s DSPM solution offers a unique approach to managing data security posture, leveraging deep learning to understand business-critical data, providing insights into data risk and enabling businesses to take proactive steps to secure their data. Our autonomous solution eliminates the need for complex rules or manual processes. Plus, Concentric offers continuous monitoring, ensuring that businesses can quickly identify and respond to any changes in their data security posture.

With Concentric, organizations can:

  • Discover, monitor and protect all data types, including Cloud, on-premises, structured, unstructured, and shared via messaging services
  • Gain a risk-based view of data and users
  • Leverage automated remediation to instantly fix access and activity violations
  • Find risk without rules, formal policies, regex, or end-user involvement
  • Secure API-based SaaS solution with no agents required

Data Discovery: Unveiling the Hidden Treasure

According to Gartner, “Data discovery solutions are tools that discover, analyze, and classify structured and unstructured data to create actionable outcomes for security enforcement and data life cycle management.” These solutions increase visibility of disparate and unorganized sources of information, enabling compliance and security teams to improve insight into policy adherence, sensitive information, and sources of data access risk.

Data discovery solutions can provide significant business impacts, including accelerating the identification of sensitive data, advancing data life cycle management activities, and reducing business risk through advanced capabilities to eliminate and quarantine sensitive information.

Gartner’s analysis shows that data discovery has a moderate benefit rating and is in the adolescent stage of maturity, with a market penetration of 5% to 20% — indicating a growing recognition of its value in managing and securing data.

How Concentric AI helps with Data Discovery

Concentric AI’s Data Discovery solution uses advanced machine learning technologies to autonomously scan and categorize data — everything from financial data to personally identifiable information (PII), intellectual property, and business confidential information.

With Concentric AI, organizations gain a clear understanding of where their sensitive data is, whether it’s across unstructured or structured data repositories, email/messaging applications, in the cloud or on-premises – all with semantic context. With a comprehensive understanding of their data landscape, they can then implement effective data security strategies.

Data Classification: Organizing Data for Better Governance

According to Gartner, Data classification is the process of organizing information assets using an agreed-upon categorization, taxonomy, or ontology. It helps organizations understand the sensitivity of the data that they process, promotes a risk-based approach, and improves the effectiveness of data protection controls.

Basically speaking, Data Classification helps identify high-value data by categorizing it into a very specific set of meaningful categories.

Data Classification drives multiple use cases such as data labelling, sensitive data identification, automating protection, compliance, security, access control, and data retention.

The drivers for data classification include:

  • Enabling organizations to focus their security, privacy, and analytics efforts on important datasets
  • Supporting ethical and compliant processing of data throughout an organization
  • Serving as an essential component of data governance

Gartner rates the benefit of data classification as high, with a market penetration of 20% to 50% and a maturity level of mature mainstream. This suggests that data classification is a well-established practice in the data security landscape.

How Concentric AI helps with Data Classification

Concentric AI’s Data Classification solution offers a centralized approach to data classification. It uses semantic context to accurately classify sensitive data, eliminating the need for complex rule writing or reliance on end-users. Concentric AI’s solution also integrates seamlessly with existing classification frameworks, enhancing the effectiveness of data security strategies.

Concentric AI autonomously identifies data, learns how it’s used, and determines whether it’s at risk. Just like with data discovery, our solution empowers organizations to know where their data is across unstructured or structured data repositories, email/ messaging applications, cloud or on-premises – all with semantic context.

Our large language models have developed a semantic understanding of data and provide a thematic category-oriented view into all sensitive data – from financial to intellectual property to business confidential to PII/PCI/PHI. Concentric allows security teams to classify data without any rules, regex patterns or end user-involvement.

Concentric compares each data element to baseline security practices exhibited by semantically similar data. Risk is autonomously identified from inappropriate permissioning, risky sharing, unauthorized access, wrong location and more.

Data Access Governance: Securing Access to Data

Gartner states: “Data Access Governance (DAG) provides data access assessments, management, and real-time monitoring capabilities for the unstructured and semi-structured data found in file repositories. Its primary purpose is to determine, manage, and monitor who has access to which data in an organization’s repositories and how that data is classified.”

Essentially, DAG is the process of defining and enforcing policies for how data is accessed and used. It includes defining roles and responsibilities for those with access to data, setting up processes for granting and revoking access, and auditing data access. DAG products help organizations solve data security and privacy regulation issues, especially in sectors where data access tracking is critical. They also help protect intellectual property in manufacturing and energy industries and healthcare and research data in the federal and pharmaceutical industries.

Gartner’s analysis reveals that DAG has a moderate benefit rating and is in the early mainstream stage of maturity, with a market penetration of 5% to 20%. This indicates that while DAG is gaining traction, there is still significant room for growth and adoption.

How Concentric AI helps with DAG

Concentric AI’s DAG solution offers robust data access governance capabilities. Concentric helps organizations meet access and activity governance regulations, demonstrate control to auditors, and implement zero-trust access practices. Our solution also enables businesses to discover and remediate risk without writing a single rule, simplifying the process of data access governance.

With Concentric, organizations can answer crucial data access governance questions:

  • Where is my business-critical content?
  • Is my sensitive data being shared only with those who are authorized to see it?
  • Has data been shared or accessed inappropriately?

The final word

As the data landscape continues to evolve, technologies like DSPM, Data Discovery, Data Classification, and DAG are becoming increasingly critical for all types of organizations and industries. By understanding and implementing these technologies, organizations can better manage and secure their data, mitigate risks, and comply with regulations.

As Gartner’s Hype Cycle and market analysis suggest, these technologies are not just trends; they are the future of data security and governance.


Libero nibh at ultrices torquent litora dictum porta info [email protected]

Getting started is easy

Start connecting your payment with Switch App.