Harmonic Security has launched to help organisations use generative AI safely without compromising their data.
Some 8,400 generative AI apps are now available and a Gartner study has found that 55% of firms are piloting or using generative AI. The majority of apps are unregulated with unclear policies on how data will be used, where it will be transmitted to or how it will be kept secure.
It puts companies at risk from shadow AI employees using these apps either with or without company permission to achieve productivity gains, at the cost of surrendering data and intellectual property.
Harmonic Security addresses these challenges. Jointly headquartered in London and San Francisco and founded by CEO Alastair Paterson and CTO Bryan Woolgar-O'Neil, the company is backed by $7m in seed funding led by Ten Eleven Ventures, with participation from Storm Ventures and 14 other private investors including Jerry Perullo, former CISO of the New York Stock Exchange, Daniel Bernard, CBO of CrowdStrike and Eileen Burbidge, Founding Partner at Passion Capital.
Paterson was the founder and CEO of the cyber security company Digital Shadows from its inception in 2011 until its acquisition by ReliaQuest/KKR for $160m in July 2022. Paterson led the company to become an international, industry-recognised leader in threat intelligence and digital risk protection. Woolgar-O'Neil was the Chief Technology Officer at Digital Shadows, developing its flagship product SearchLight into a leader in digital risk protection (as acknowledged by analyst firm Forrester).
"There is a critical need for Harmonic Security. The staggering growth of the generative AI ecosystem has meant that 74% of firms don't have an AI policy in place and security leaders are struggling to get their arms around the problem of unsafe use and lack visibility into what AI services their employees are using," says Paterson.
"Organisations want to be innovative and make the huge productive gains AI offers rather than blocking everything. However, right now they don't understand the risks well enough and lack the resources or expertise to get on top of the problem," he says.
"It is the wild west for generative AI at the moment, these 8,400+ apps have a variety of different purposes with many targeting different business functions in enterprises."
Paterson says many do not meet basic security standards and their data policies are unclear putting firms at risk of breaching GDPR.
"Some for example encourage the upload of corporate CSV files to help accounting professionals compile annual reports. Without safeguards in place, firms are at real risk of sacrificing their company secrets to cybercriminals or nation states," he says.
"Yet the opposite could be true blocking all use of generative AI can mean missing out on productivity and innovation gains and can only be a short term solution."
By providing a complete picture of AI adoption in the enterprise, Harmonic Security provides security leaders with the visibility they need for the first time. Harmonic provides a risk assessment of all AI apps so that high risk AI services that could lead to compliance, security or privacy incidents are identified.
This approach means that organisations can control access to AI applications as required, including selective blocking of sensitive content from being uploaded, without needing rules or exact matches. With full automation throughout it reduces load on existing security teams and means that as the number of AI apps continues to grow security teams can stay on top of the threat.