With the promise of protecting CEOs, Virsa created the first compliance software application that could be used to stay within the legal parameters of Sarbanes-Oxley. The company became astoundingly successful, being acquired by SAP for $400 million and placing Jasvir in a senior vice president position of their SAP GRC software business unit. A year later, Jasvir would again take the reins of his own company. In 2007, AlertEnterprise was born, and much like Virsa, it came at a time when security breaches were the cause of huge, controversial incidents.
"The software combines predictive risk analytics, machine learning and artificial intelligence to correlate complex threats across IT, physical security and OT"
With events such as the Washington Navy Yard shooting and the killing of three at a start-up in Santa Clara looming as consequences of security failures, AlertEnterprise was founded with the realization that the day's security threats were different from what they had been before. No longer was cybersecurity solely a matter of IT threats—it could now be classified into a variety of threats, with varying motivations for attack and different ways of thwarting each attempt. As the company progressed, Ray Lane, Partner Emeritus with legendary venture capital firm Kleiner Perkins (and former Oracle president and one-time chairman of the board at Hewlett Packard), invested in the company as well.
“One of the areas that’s very satisfying for us was the fact that just a few years ago, Gartner Research issued a document that they called ‘definitions’ and they redefined what cybersecurity meant. Cybersecurity was a combination of IT security, application security, physical security, OT security and more. They're now calling that digital security,” explains Jasvir Gill, Founder and CEO, AlertEnterprise. For a while now, AlertEnterprise has spearheaded an entirely different view of cybersecurity in the digital age. Big enterprises are now starting to take note that cybersecurity is more than just IT—it’s IT, OT and physical security put together.
What Jasvir refers to as “blended threats” are best observed in how AlertEnterprise works as a business layer that sits on top of the existing IT, physical security and OT systems and allows security operators and operational managers to see what’s going on.
In a utilities industry scenario, when a relay technician goes to a critical substation in the middle of the night and swipes his badge, the software goes into the system and, from an analytics perspective, looks at how many times this person has been in the facility outside of work hours. Within 10-15 minutes of the entry event, the software can detect an unauthorized disabling of a protective relay that could create a blackout or cascading outage. The software generates an alert back to the security operation center immediately.
This combination of IT and OT eventually leads to the physical security perspective, which is deciding whether or not to send a guy out with a wrench or with a gun at the most crucial moment. Events like Washington Navy Yard reinforce the importance of being able to make that decision quickly. When the shooter was issued his badge as a contractor, much of his behavior history was not readily available because the information was on different sides of the system. If AlertEnterprise is at play, the individual risk score capabilities would label him a high risk person right away, and enable the authorities to act accordingly.
Improving All Aspects of Digital Security
Whether it’s keeping up with NERC CIP requirements that could rack up penalties of up to a million dollars or preventing high cost incidents that could shut oil and gas plants down for months, businesses love AlertEnterprise for a plethora of different reasons. A big one is that AlertEnterprise’s software is made to help these companies get more out of their cybersecurity, badging systems and automation software collectively, rather than replace all of it. With AlertEnterprise, they can lock out employees who haven’t completed their continuous learning and state certifications, and time-stamp every single action to determine who is where, when they’re there and why.
AlertEnterprise works as a business layer that sits on top of existing IT, physical security and OT systems and allows security operators and operational managers to actively respond to security events
Enterprise Sentry, the company’s incident management and response platform, is particularly good at this. It combines predictive risk analytics, machine learning and artificial intelligence to correlate threats across IT, physical security and OT. The software can take into account the fact that the person in question received a two week termination notice, or failed to complete their continuous learning requirements to keep their certifications active. It can also detect insider threats, and is currently being used at a major airport to sniff out narcotics operations. This is done by correlating work history, access patterns and abnormal badging events outside normal shift hours.
All this activity can be rolled up into analytical dashboards and delivered as alerts to the TSA SOC on premise.
That same airport was able to initiate investigations that led to the arrest of airline and airport employees, which was made possible through predictive risk analytics and intelligent behavior monitoring. This successful combination of IT, physical and OT security led to the development of their IoT solution bAlert IoT Security Commander™, which won ASIS’ Security’s Best award last year. With the conceptual introduction come plans for the software to leverage cloud, devices and predictive analytics to deliver security for IoT.
A Closer Look at the Culture and Future of AlertEnterprise
Much of the collaborative nature of AlertEnterprise’s software harkens back to their company culture. They’re a small and flat organization, working around very little hierarchy and with a close, collegiate atmosphere of around 200 employees. Everyone is intimately involved with each of their customers’ situations, even Jasvir, who takes a hands-on approach to leadership and works directly with the technology and sales side of the company. They maintain their operation in Fremont, California as well as other locations in the U.S. and have a development center in India as well; however, instead of simply doing the design and having them test it, all of AlertEnterprise’s teams work collaboratively across the board.
One of the rare instances of a group of people who have worked together for 15 years in Silicon Valley, AlertEnterprise has made its name as a startup company that delivers on its promises to customers. Their minds are set on bringing IoT, cloud and mobile into their environment and, as mentioned earlier, they’ve already made momentous progress in the development aspect of that. They’re planning a geographic expansion that reaches further into the Middle East as well as Latin America and see a lot of potential in the European market due to an uptick in demand for their goods and services. The company's forecast for the U.S. market in 2017 is also looking exceptionally bright.
With success in the utilities, oil and gas, chemical and financial segments, AlertEnterprise is now eyeing healthcare as the next big market it wants to break into. “Healthcare has the same issues. They need to track who has physical access to medical records,” explains Gill. “They also have situations where hospitals may have storage of very high value pharmaceuticals and need to track who has access to those areas.” While it can take a hospital many months to figure out who is there outside of their shift, AlertEnterprise’s surveillance can reveal that in a span of 20 seconds, and that’s the type of efficiency that makes their solutions so disruptive.
With a successful partnership with Lenel and an extensive roadmap, AlertEnterprise is definitely a name to watch in terms of company growth and success in 2017.