After raising $10 million in Series A funding, Siren, an investigative intelligence platform, is proving that investigative intelligence is making serious waves in today’s tech world. John Randles, Siren’s CEO, discusses not only the specifics of investigate intelligence, but also what it means for cyber security and what the knock-on effect that the Series A funding will have for the industry.
What is meant by an “investigate intelligence platform”?
An Investigative Intelligence Platform is a platform specialised in the art of investigations across Big Data and very diverse data. It is also focused on problems where time is critical and the user is an Investigator/Analyst. Typical use cases are in the world of Law Enforcement & Intelligence and Financial Crime & Cyber Security. The key to investigations is narrowing down what is really important from billions of records of data across many systems.
Why do you think there has been such growth in investigative intelligence?
We think it is an inevitable evolution of the market. We are moving from a focus on data collection and storage, at scale, to one of utilisation. Investigative Intelligence is fundamentally about using all of this data to solve the most critical problems around keeping people, money and networks safe.
How will the Series A funding help the firm?
It will allow us to further invest in core R&D expanding our AI capabilities (anomaly detection, prediction, entity resolution, etc.) and allow us to scale our market presence in key growth markets in North America & Europe. We are also investing in partnerships that are helping to scale the business across the Middle East and Asia.
What does it mean to have funding from a firm such as DVI Equity Partners, a team that is so heavily tech-based and that also funded the world’s most deployed policing and intelligence software?
This is a huge validation for us. When you have investors such as Bob Griffin, who is a global authority in Law Enforcement and Intelligence technology, it is a massive endorsement that we have unique technology for the biggest problems.
How will the investment shake up what is going on with tech right now?
At Siren, we are huge believers that the data industry is entering a phase where the focus is moving to data utilisation over loading, storage and mapping of data. This is where our focus on search (leveraging Elasticsearch), knowledge graph and AI puts us right in the centre of this trend. People now want a tangible ROI on the investments made in big data and this is where Investigative Intelligence plays very strongly. This investment will enable us to scale and drive the expectations analysts have around the future of analytics, particularly in investigative use cases.
What will having a veteran like Bob Griffin (who is an expert in intelligence and law enforcement software) mean for the team?
Bob drove the i2 and subsequently IBM i2 business to over 400,000 users across the Law Enforcement & Intelligence world. That pedigree will help us avoid pitfalls obvious to Bob, help drive great relationships and enable us to scale globally.
What do you feel the biggest thing going on in cybersecurity is right now?
Right now, a hot topic in Cyber Security is Cyber Investigations, often used interchangeably with Threat Hunting & Threat Intelligence. As the industry has matured the more proactive organisations are not waiting for the breach to happen but are proactively investigating. This is almost an upgrade of the Security Operations Centre (SOC) and the MSSPs (Managed Service Security Providers) are encouraged to take a more proactive approach. This moves the SOC to more of an analytic view of the world that sits on top and compliments existing SIEM capabilities. Recent research I read said the average SOC centre has 40 sources of data from 20 vendors. A product like Siren can make sense of all this data in so many sources.
Why is augmented analytics so essential to the tech industry at the moment?
Augmented Analytics is the concept of helping analysts to do their job through AI & Machine Learning, but the analyst is still in charge. Traditionally, analytics has focused on reporting over static data. Augmented Analytics helps the analyst to on-board the data, find hidden relationships, highlight anomalies and make predictions. It’s really making AI & Machine Learning practical and useful in an analytics context, like we haven’t seen before. There is now too much data for the analyst to work on their own intuition – the machines are here to help.
Where do you see the future of cybersecurity and operational monitoring heading?
We are at the very early stages of leveraging AI in cybersecurity and operations. This will mature over time but the hacker is still mostly caught today by people. The focus of the biggest firms is on threat hunting and threat intelligence and this made possible because of the fundamentals have been put in place from a cyber and operations perspective. The frameworks and methodologies are really maturing as well, such as NIST and the MITRE ATT&CK knowledge base. We see the process side of things being just as important as the technology. This is where the trend towards outsourcing to MSSPs is combining the tech knowledge with the process knowledge to help clients in a very fast-moving world. We also see more and more people look to search in the context of operations (in our case Elasticsearch) to address the scale challenges in cyber & operations.