KAI explained
Purpose
Kertos develops a SaaS platform for data protection, information security, and compliance. KAI (Kertos Artificial Intelligence) is an AI-driven assistant integrated into the platform to reduce user workload by providing intelligent guidance and targeted answers.
Definition
KAI is based on the ISO/IEC 22989 definition of an AI system: an engineered system that generates outputs (content, forecasts, recommendations, decisions) for human-defined objectives.
Implementation
KAI functions as a copilot using generative AI (like large language models) to assist users with complex tasks:
• Natural Language Input: Users interact using natural language or code.
• Human Control: Users maintain control over final decisions.
• Scalability: KAI adapts to task complexity, providing detailed responses to complex queries.
Application
KAI is powered by large language models (LLMs) that process input, identify patterns, and deliver structured insights. It helps users prepare for compliance with standards like ISO 27001 and GDPR by providing real-time, accurate answers.
Domain and Hosting
KAI supports data protection, cybersecurity, and compliance. It’s hosted on AWS infrastructure in Europe, ensuring GDPR compliance. Future data transfers to the US will comply with the EU-US Data Privacy Framework.
Provider and Development
We (Kertos GmbH) developed KAI. The AI models (Claude 3 and Claude 3.5 by Anthropic) are integrated via Amazon Bedrock, offering high-performance text generation and contextual understanding.
AI Models
KAI uses Claude 3 and Claude 3.5 with the following features:
• Language Processing: Handles complex natural language queries.
• Text Generation: Produces detailed, context-aware responses.
• Contextual Understanding: Adapts to industry-specific compliance needs.
| Model | Max Output | Training Data Cut-off | Strengths |
|---|---|---|---|
| Claude 3.5 | 8192 tokens | Apr 2024 | Highest intelligence and capability |
| Claude 3 | 4096 tokens | Aug 2023 | Balanced for speed and accuracy |
Data and Algorithms
• Training: Models are trained on large datasets from the internet and third-party sources.
• User Data: KAI does not use user data for training unless feedback is explicitly provided.
• Retention: User data (prompts, output, feedback) is stored for up to one year.
Purpose and Use
KAI supports decision-making for compliance with ISO 27001 and GDPR. It helps legal teams, data protection officers, and security experts manage privacy and security processes efficiently.
Maturity and Monitoring
KAI is in beta, with performance monitored through:
• Factual Correctness – Accuracy of compliance-related answers.
• Relevancy – Alignment with user queries and context.
• Completeness – Coverage of all query aspects.
• Response Time – Answers delivered within 50 seconds.
• Conciseness – Clear and focused responses.
Security and Risk
Kertos monitors KAI for potential threats:
• Evasion Attacks: Attempts to manipulate responses through altered inputs.
• Poisoning Attacks: Corrupting training data to alter AI behavior.
• Privacy Attacks: Attempts to extract sensitive information.
Ethics and Bias
Kertos addresses AI bias through transparency and user awareness. KAI does not use data that identifies individuals by age, gender, or other personal attributes.
Environmental Impact
KAI runs on AWS, which aims for net-zero carbon emissions by 2040.
EU AI Act Classification
KAI is not classified as a high-risk or prohibited AI system under the EU AI Act.