Contents
In this keynote address, Ant, the CEO of 6clicks, introduces a groundbreaking approach to cybersecurity risk and compliance management through the development of two innovative technologies: a new foundational model known as the Enterprise Action Model (EAM) and an enhanced software experience named Hailey. The mission behind these advancements is to simplify and streamline the management of cybersecurity risks and compliance by making software not only smarter but also more intuitive and user-friendly.
Keynote
Summary
Traditional challenges
Ant begins by critiquing traditional Governance, Risk, and Compliance (GRC) software, which is typically database-driven and relies heavily on forms, grids, and static reports. This approach necessitates navigating through multiple screens and forms, often requiring additional research through search engines to integrate external insights, resulting in a time-consuming and inefficient process.
Evolution with AI
6clicks' journey started in 2019 with the integration of AI to automate time-consuming tasks in cybersecurity, such as identifying overlaps between cybersecurity standards and frameworks. This initial step saved thousands of hours and significantly reduced the reliance on spreadsheets and manual processes.
Limitations of current AI assistants
Despite the advances in AI, including the rise of chatbots powered by large language models (LLMs) like ChatGPT, Ant points out that these technologies fall short in an enterprise context. They struggle with understanding business-specific knowledge, incorporating domain-specific data, and taking actionable steps based on their insights.
Introducing the Enterprise Action Model (EAM) and Hailey
To overcome these challenges, 6clicks developed the Enterprise Action Model (EAM), which aims to understand and execute human intentions by combining company knowledge with relevant and proprietary data sets. Haley, the embodiment of EAM, offers a breakthrough in productivity for cybersecurity risk and compliance professionals by understanding requests, providing expert context, and taking action.
Universal access and integration
Hailey is designed for universal access and will be integrated with Microsoft Teams and the broader Microsoft productivity suite, making it accessible to all stakeholders involved in cybersecurity risk and compliance programs.
Customization and collaboration
Enterprise customers and partners can customize Hailey to make it more relevant to their specific business needs or client requirements. This customization extends Hailey's capabilities across various industries and geographies.
Conclusion
Ant concludes the keynote with enthusiasm for the potential of Hailey and the EAM to revolutionize how businesses manage cybersecurity risk and compliance. He emphasizes the ongoing evolution of these technologies and looks forward to their impact on the industry.
Full transcript
Hi everyone, my name is Ant and I'm the CEO of 6clicks. I'm excited to share with you today two things that we've been working on. A revolutionary new foundational model for cyber risk and compliance and a breakthrough new experience for enterprise software.
Our mission has always been to create software that's smart, not complicated. And now we want to make that software so smart you don't even need to know how to use it. There's insights into things that matter to you most and it helps you get things done faster than ever before.
To achieve this, we needed to break away from the user interface, data model and reporting used by traditional vendors. Instead, we envisage a natural language centered approach. A next generation of AI capability should not just help with specific pain points but understand what you need, share insights from external data sources and importantly, get things done.
Now, before we get started, let's look at traditional GRC software. Stuff that's been around for decades. The problem with this software is not the functionality, it's what's inside.
It's a simple database driven application with forms, grids and static reports. If you want to run an audit, there's a form and a module for that. If you need to build a risk register, there's a module for that too.
Each time you want to do something, you fumble through multiple screens and forms and then you need to jump over to search engines to get insights into what's happening in the rest of the world and try and figure out how that relates to your business. So the reality is by the time you spend months and months trying to implement traditional software, you'll end up by organising your data but not really getting stuff done quicker and easier. So back in 2019, we embarked on our journey with AI, focused on cyber security.
We used AI back then to solve a number of time consuming and manual tasks that have plagued cyber security professionals for decades. This spreadsheet was our inspiration and our AI capability came to life which was designed to identify overlaps and similarities between cyber security standards and frameworks in just seconds. The benefit was then to easily crosswalk audit and assessment activities and faster and more easily manage compliance with new and emerging standards.
And so over the last few years, we've extended highly our AI capability to address a range of applications, including policy gap analysis, generating control definitions, automating responses to audits and assessments and unstructured data classification. Through our research, these capabilities have saved companies thousands of hours and in many cases avoided completely spreadsheets and manual processes. Last year, we've all seen the likes of ChatGPT and the advancement of the large language models have in making it much easier for machines to understand you.
And the popularity of LLM-based chatbots has shown that a natural language-based approach is the path forward. However, in an enterprise context where these assistants struggle is understanding the knowledge in your business, incorporating domain-specific data in responses and ultimately taking action so you can get more done. For example, if you go to ChatGPT and ask it to describe the risks you've not identified that are relevant to your industry, it can suggest options, but it ultimately cannot assist you with that identification or updating your risk register.
Further, it's hard to trust that the response because there's no reference and you don't know where the data has come from. Or alternatively, you could ask ChatGPT to describe the differences between ISO 27001 and this cybersecurity framework. But then what do you do with this information and how does that help you reduce your compliance burden? Where AI assistants struggle is incorporating information about your business and providing references or context to support their response and acting on the response.
Ultimately, AI assistants are good at understanding you, but not good at acting or providing expert and contextual guidance. So to fulfill our vision of an intuitive and insightful companion for cybersecurity risk and compliance, we must go beyond a piece of complex software. We want this capability to be in the hands of every cybersecurity risk and compliance professional in the world.
At a philosophical level, if we have AI trigger actions for you and that within the context of the knowledge of your business and with understanding of relevant public and proprietary data sets, we believe this changes the entire paradigm of managing cyber risk and compliance. So this insight led us to create the Enterprise Action Model or EAM. It is a new foundational model that understands and executes human intentions and in response can undertake your actions with your data combining your company's knowledge with relevant and proprietary data sets.
With an Enterprise Action Model, we've found a breakthrough solution to productivity for the cybersecurity risk and compliance professional. In short, any large language model understands what you say and the Enterprise Action Model provides expert context and takes action. Our EAM has been built for real-time interactions between you and the 6clicks platform.
In fact, our EAM is so powerful, we will be making this available for use by anyone online and integrated directly with Microsoft Teams and the broader Microsoft productivity suite. We call this universal access to empower all stakeholders involved in your cybersecurity risk and compliance program, business users, risk managers, information security professionals and your board and executive team. We know that not everyone will be a user of our cyber risk and compliance software and for that reason, we've built this capability closer to everyone in tools that they know and trust.
What's also cool is being able to extend Haley for more specific application across your business or working with your clients. What this means is that enterprise customers can embed training material, policies or link to sites that will help ensure Haley is more relevant across their business and for a community of advisors and MSPs with a customized version of Haley, you can further supercharge your professional and managed service offerings to ensure better alignment with your clients working in specific industries or geographies around the world. Haley is the culmination of countless hours of work from our research design and software teams working closely in collaboration with Microsoft.
It is powerful and simple to use and Haley is now fully integrated within the 6clicks platform and will be available for use in Microsoft Teams, online and other Microsoft productivity tools. The Enterprise Action Model or EAM underpinning Haley will continue to evolve, getting smarter by the day and will be progressively available for customization by our partners, global systems integrators and enterprise customers around the world. I can't wait for you to experience this next generation of Haley for yourself.
Thank you very much.
Related blogs
Written by Anthony Stevens
Ant Stevens is a luminary in the enterprise software industry, renowned as the CEO and Founder of 6clicks, where he spearheads the integration of artificial intelligence into their cybersecurity, risk and compliance platform. Ant has been instrumental developing software to support advisor and MSPs. Away from the complexities of cybersecurity and AI, Ant revels in the simplicity of nature. An avid camper, he cherishes time spent in the great outdoors with his family and beloved dog, Jack, exploring serene landscapes and disconnecting from the digital tether.
