I hope very few businesspeople have forgotten that 2014 was “the year of the breach.” Cybersecurity became front-page news and, to add to our collective insecurity, Tom Ryan, CEO of Argyle Data, points out that “existing fraud management systems are losing the innovation battle against evolving and sophisticated cybercriminals.”
“The problem,” he warns, “is that fraud is the real F-word — it’s taboo and people don’t like to talk about it, so there’s this lack of knowledge about the scale and impact of fraud at senior management and board levels.” Part of his firm’s approach is to tell companies to remove the taboo: investigate and measure all aspects of fraud and report it to your stakeholders.
Based in San Mateo, Calif., Argyle Data provides big data analytics “at network speed and Hadoop scale.” The startup launched its real-time fraud and security analytics product, ArgyleDB, in October 2014.
In an email Q&A with TechRepublic, Ryan discusses the resources that Google and Facebook have to combat fraud and how to reproduce them for the enterprise, how analytics technology is shifting to Hadoop, and the “fusion center” concept in cybersecurity.
TechRepublic: What would you say to a room full of executives and board directors about the current threats of cybercrime and fraud?
Tom Ryan: Last year will be remembered as the year that fraud and cybersecurity moved from a back-office subject to front-page news. What’s more, existing fraud management systems are losing the innovation battle against evolving and sophisticated cybercriminals. The problem is that fraud is the real F-word — it’s taboo and people don’t like to talk about it, so there’s this lack of knowledge about the scale and impact of fraud at senior management and board levels. On average, a company loses 5 percent of its revenue to fraud. These losses not only affect the bottom line, but also result in losses due to compliance fines, customer service cost and churn, and brand and reputation damage (which can often times be the most costly).
We often frame this problem by asking when CFOs will start to “put the F-word” in their annual reports. The questions every analyst and shareholder should be asking a company now are:
- How much do you lose to fraud?
- What is the impact of fraud on your EPS [earnings per share] and stock price?
- How do you compare to the average performer in your industry?
- What are you doing to protect your brand from the damage fraud causes when it goes public?
We’ve been working with several global leaders who understand the impact of the F-word, and we believe that every enterprise and carrier has an obligation to do the same to protect their customers from fraud. When they can’t defend themselves from fraud, customers look for protection from their suppliers, and we believe that enterprises and carriers can increase usage by providing the safest environment for their customers.
TechRepublic: The news of 2014 was a wake-up call for many organizations regarding cyberthreats. How do you feel about the capacity of enterprises, in general, to respond to and mitigate cyberattacks?
Tom Ryan: When we researched the market, the first thing that struck us was that companies are innovating at a much slower pace than crooks. It’s still common to see enterprises using the same approaches to security and fraud detection from three to five years ago, while the level of sophistication in the world of fraud has evolved dramatically.
In comparison, tech companies like Google and Facebook are extremely adept at protecting their subscribers from fraud and out-innovating criminals. The problem is that most companies don’t have the same resources of big data talent as these tech giants.
TechRepublic: What are the main trends in your competitive space, looking ahead one or two years?
Tom Ryan: The main trends we see in existing fraud management systems are that more often than not, they fail to detect fraud because the systems themselves use dated rules that discover old forms of fraud. And when they don’t fail to discover fraud, they overwhelm analysts with false positives. This is simply because the systems tend to operate in batch, discovering attacks only after the criminal is gone.
From a technology perspective what we’re going to be seeing more and more is a stack-shift from the LAMP stack to Hadoop. This shift to data-driven application technology is epitomized by real-time detection of petabyte scale data lakes rather than batch detection of data “puddles,” which is facilitated by the combination of signals across channels rather than ETL from silos. And the move away from rules will give way to advanced machine learning technology that will evolve with fraud.
Just as relational databases created a new breed of billion dollar application companies in CRM, ERP, and HR, we believe that Hadoop will similarly create a new breed of billion dollar application companies, of which fraud will be a major category.
TechRepublic: How is the “fusion center” approach changing the way enterprises manage cybersecurity? Additionally, how does Argyle Data’s technology accomplish this?
Tom Ryan: Criminals are quick to understand rules and the way data is stored in silos. Common patterns we see are criminals either flying under the rules radar, going undetected by older security systems, or flying between silos. That’s why the “fusion center” concept is so important. It’s critical to combine signals across channels and combine both network and business data to classify fraud in real-time.
Argyle Data uses the same approaches to fraud detection and mitigation as Google and Facebook by creating a pre-packaged, real-time fraud detection and analytics application that is simple enough for any fraud analyst to use. Once Argyle is up and running, there’s no need to hire specialists to manage a custom system.
TechRepublic: What is new and different about Argyle Data? On what technological innovations did your base your solution?
Tom Ryan: Going back to how we saw tech companies protecting their subscribers from fraud, the two components we needed to ensure our technology was successful is working in real-time and at petabyte scale. Taking that lens to fraud, we created a real-time fraud detection system using machine learning at massive scale. We also applied Facebook’s “Immune System” concept to our software, and built our own immune system for mobile carriers and enterprises. The approach has three key phases:
- Real-time packet ingestion and deep packet inspection
- Real-time feature enrichment and fraud detection using adversarial machine learning
- Interactive fraud analytics against petabytes of data
By applying these concepts and technologies from some of the most innovative and technologically advanced companies, we’ve been able to take fraud detection and analytics into the modern era. We jokingly call [the old] era “Elephant Applications vs. Data Dinosaurs.” A Hadoop driven, machine learning approach brings carriers and enterprises into the modern age so as to out-innovate cybercriminals.
TechRepublic: How would you present Argyle Data’s features and benefits to someone in charge of enterprise IT security — someone who has probably lost sleep thinking about his or her job?
Tom Ryan: People are right to lose sleep over this issue, but not only the person in charge of IT security. Every CFO should lose sleep about the impact of fraud on the EPS and stock price of his company, and every CMO should lose sleep about the brand damage that occurs when the company’s name, next to the big F-word, is splashed all over The New York Times.
Argyle Data is a real-time fraud analytics application built from the ground up on Hadoop using the latest big data, machine learning, and anomaly detection technology proven at Facebook and Google. When you put our application next to a previous generation fraud detection system, you’ll find that we detect both new and old fraudulent attack techniques, dramatically reduce false positives, lessen the detection time frame to minutes rather than days, and most importantly, save companies millions of dollars from the bottom line.
TechRepublic: What results can you share about the Hortonworks Partner Program since joining last November?
Tom Ryan: Hortonworks is a great partner in a win-win relationship. We’re one of an elite set of partners that has been certified as “Operations Ready,” making it simple for any organization to deploy, monitor, and administer at scale through Ambari. Hortonworks paved the way with a new stack that most companies see as the way forward. We’re part of a new generation of native Hadoop applications — no Hadoop cluster, no application. Our real-time fraud detection and fraud analytics application delivers incredible value to our customers and creates a fire-hose of real-time data that’s stored on Hadoop, creating more data, more accurate fraud detection, and larger Hadoop clusters.
Disclaimer: TechRepublic and ZDNet are CBS Interactive properties.