RedOwl Analytics Makes it Easy to Manage Human Risk
According to the Identity Theft Resource Center, there were a combined 901 reported breaches between January and November of last year, with the largest number occurring in the business sector. While it’s tempting to lay the blame on hackers on the outside, the culprit is most often someone within the organization.
As CEO of a data analytics solution company, Guy Filippelli was in the middle of investigating an employee when he realized there was no one place to gather the data he was collecting on that employee’s day-to-day activities within the company. His experience handling large, complex data as an Army intelligence officer during tours in Iraq and Afghanistan had shown him that a system allowing organizations to collect employee activity data and use it to identify risk was possible.
In 2012, he founded RedOwl Analytics, a startup focusing on human risk management solutions. The software, aptly named Reveal, allows organizations to monitor internal data sources such as email, chat, network, phone and endpoint, and assess that data for any possible risks employees may be posing. By anticipating future activity as opposed to alerting to ongoing activity, the software allows the organization to take a proactive approach to mitigating that risk.
“It’s not from a Big Brother perspective,” says RedOwl COO Brian White, whom Filippelli brought on in 2014. “Rather it’s from the perspective of the crown jewel of our economy today is information, intellectual property, and you need to have a sense of what’s happening with that data.”
This is especially true since most breaches are not brought on by malicious intent, but human error. An employee forwarding confidential information to a personal computer, leaving sensitive papers out on their desk, accidentally downloading malware, or falling for a phishing scam can put an organization at enormous risk.
“Think about your day. You woke up this morning [and] you did probably what you do most days. When that is different, [we] want to determine why,” explains White, who spent three years working for the Department of Homeland Security before turning his focus to consulting large technology and blue chip companies on security and risk management.
Any change in pattern is noteworthy, he says. Though there could be a valid excuse for the deviation – family visiting from out of town, an illness or client meeting, for example – it could also be a sign that an employee is about to make a mistake or do something fraudulent. With this knowledge, an organization can take action to eliminate or mollify possible or actual risk.
Despite the fact that insiders pose the greatest threat to an organization, RedOwl Analytics is the only security company working to address the issue. “The ability to understand what your people are doing – that’s us in a nutshell,” White says, adding that this knowledge is a crucial aspect of a layered cybersecurity defense program.
Unfortunately, many organizations don’t realize the importance of information security and regulatory surveillance until they’ve become victims of a breach. And even those who do put safeguards in place in advance of a breach tend to focus more on outside threat than inside risk. So, RedOwl takes a more proactive approach, finding companies most in need of their services and pitching their software.
As a result, RedOwl has signed on some of the largest banks in the world as clients. Other clients include Motel 6 and investment firm Blackstone. Buzz about the value RedOwl provides has spread, and the company is seeing more and more business coming from word-of-mouth referrals.
It helps that information security continues to see steady growth and opportunity in the marketplace. In a 2015 article for “Fortune,” RedOwl CEO Filippelli reported that interest in his company’s services spiked in the wake of former National Security Agency contract systems analyst Edward Snowden’s leak of internal documents. “People are investing more and more money in this space because the threat is increasing,” White says.
The ‘Red’ in RedOwl comes from the Spanish word for ‘network’, la red, rather than the color, though the hue does feature prominently in the firm’s logo. The owl, White says, symbolizes wisdom. In other words, RedOwl represents the wisdom of the network. “We’re highly differentiated because we look at communications as a security data source,” White explains. “We’re thinking about the intersection of security and surveillance, focusing on mismanagement in the insider track.”
Their clients fall into two basic categories: large investment banks, where insider trading and market manipulation are real threats; and those in the information security community, for whom understanding their people, or insider track, is a necessity. What they have in common is the need for better pieces of technology. And that’s exactly what RedOwl provides.
When White first came on board, RedOwl Analytics was a 17-person startup. Two years later, it has blossomed into a full-fledged company with 72 employees. Headquartered in Baltimore’s Federal Hill, the company also has offices in San Francisco, New York and London.
But that kind of growth doesn’t come cheap. “You need money to build a company and we’ve had a phenomenal set of investors that have really helped us grow,” White says. Since starting out five years ago, RedOwl has raised more than $30 million in venture capital. Investors include Allegis Capital, Salesforce founder and CEO Marc Benioff, and Blackstone, the latter of which made the decision to back RedOwl after working with them as a client.
“You go out with a pitch deck and you tell people what you’re going to do and hopefully you convince a few, and then you go from there,” White says. And RedOwl has certainly found a niche for itself. “We’re building something that’s very different,” White says. “We’re growing and we’re heading in the right direction.
Leading the way is Filippelli and his vision of monitoring the behavior of people within an enterprise and gathering that data on one platform in order to minimize that enterprise’s vulnerability to a security breach. I95