Ryan Schonfeld, Co-Founder & CEO of HiveWatch tells SJA how artificial intelligence is the catalyst for organizational change.
I’m Ryan Schonfeld, Co-Founder & CEO at HiveWatch, an end-to-end security operations platform.
I haven’t always been in tech; I started my career in law enforcement as a police officer and detective, where I took an interest in investigations of computer crimes.
This led me into a role as an instructor in “identification and seizure of digital evidence” for the US State Department.
Following my time in the federal government, I transitioned into a leadership role in a Fortune 500 company’s Investigations, then Global Security & Safety Technology Group, which is where I became frustrated with how traditional security technology and practices were so inefficient.
This experience led me into the world of security consulting where I continued to struggle finding the right tech solutions for the real-world challenges that clients had in their security programs.
Interestingly, almost every organization, regardless of vertical, had nearly the same problems.
I got tired of the typical “that’s how we’ve always done it” mentality and started HiveWatch four-and-a-half years ago to solve the problems that I experienced as an end user and that all my consulting clients had in their programs.
HiveWatch transforms security operations through cutting-edge technology – delivering precision that saves time, money and maximizes protection.
As someone who worked on the end-user side, I know that we love our mission of protecting people, but the way we go about it doesn’t align with how the rest of the technology world operates.
As a result, HiveWatch is working with some of the biggest companies in the world to sit at the intersection of security and intelligent technology that can unlock efficiency and savings that drive quantifiable value back to the business.
I think that the security industry has historically had a very confused relationship with artificial intelligence.
A lot of manufacturers have sold products that they have claimed use artificial intelligence, but are actually just traditional analytics.
Sometimes in security, there’s a fairly non-technical customer base, although that is starting to shift with a new demographic coming up in and joining the industry.
The industry needs to embrace artificial intelligence by thinking about how it holistically fits within the scope of the security program.
Too many times, security practitioners race to solve a problem after an incident, which can quickly turn into a game of “whack a mole” where individually, you look like you’re addressing what needs to be fixed with a new piece of technology, but you’re missing the overall issue completely.
This kind of thinking leads to a disjointed picture of your security program, with various point solutions that each solve a “thing” but don’t work cohesively.
Where artificial intelligence can shine is by finding efficiency in these programs.
As a security leader, you may have 30 to 100 different tools at your disposal (think access control, video, incident management, risk intel, communications, travel security, etc.), but they almost certainly don’t talk with each other.
There’s no interoperability or normalization of the data being collected.
But that stops now. HiveWatch can take the data being collected by the systems you already have in place and standardize what’s being shown to paint the picture of how effective your program is.
What that means is normalizing the data outputs from these different systems into a standard language, making HiveWatch the source of truth.
This provides actionable insights that security teams can use to respond to incidents more rapidly – and make better decisions about the health of their program.
It’s common for security leaders to talk in terms of risk to the organization – even going as far as selling security initiatives internally through fear.
But fear-based selling is pretty ineffective.
While risk is, of course, important to consider, historically there’s been too much “gut” in defining or scoring risk versus a clear data-driven approach.
Part of this has been due to a lack of availability of information – but now, we have access to clean, actionable and real-time data.
Using that data allows us to find ROI in a way that security hasn’t historically been able to do.
The success of security has traditionally been hard to measure because it means the prevention of something that didn’t happen.
But when you speak to a CFO or non-security business leader, all they want to know is quantitative results – that’s what they’re used to hearing from all the other business unit leaders.
Security can now provide data around efficiency and where incidents are happening, which then allows security teams to adopt a more proactive and efficient posture around staffing levels, asset allocation and resources.
And this is just the beginning. Even your maintenance strategies can have a clear, direct impact on operations ROI with HiveWatch, with device and event-level precision.
These insights enable teams to decide where they want to spend their budget next year, with metrics that are aligned with what the C-suite is used to hearing from every other department.
The ultimate goal is a seat at the table for security.
Similar to the path my career took, a lot of CSOs have traditionally come from a law enforcement or military background.
While this experience is valuable when it comes to identifying risk, it, by itself, doesn’t always translate into running a large-scale corporate security program.
Now, we’re seeing a lot of people rise up through the ranks who have a business or technology background, and I think we’re learning that in many cases, this experience is increasingly valuable.
We’re also finding a change in reporting structures within organizations that is contributing to this change as well.
Before, physical security reported to facilities, finance and HR, but is increasingly reporting through technology and the CTO, which means security has to meet the speed of technological change to remain relevant.
There are very real and tangible ways that artificial intelligence can be used in SOCs to solve big problems today.
For example, we know that alarms are the number one driver of inefficiency, with 60% to 90% of alarms going completely unanswered in SOCs.
Many of these go unanswered because there’s such a high volume that there’s alert fatigue – security professionals start ignoring, or worse, turning off alerts, meaning there is a risk they miss a real incident.
By leveraging artificial intelligence, HiveWatch is able to address the problem of false alarms at a high volume.
Without artificial intelligence, detecting a real incident is like trying to find a needle in a haystack.
Once detected, the operator is alerted and can then decide how to respond to the situation. This is also scalable, which creates a very tangible and quantifiable ROI for security teams.
We’re going to see the capabilities of artificial intelligence continue to expand more broadly.
Today, we’re very effective at dealing with alarm volume, but in the near future, artificial intelligence will also help to alert around device health management, guard management and agentic response automation.
All of the artificial intelligence products we are developing focus on improving security operations.
That means we will have a product for anything that saves time, money and maximizes protection for our customers.
All the repetitive or monotonous tasks that are typical in an SOC today will be completed by artificial intelligence tomorrow.
Anything that requires more nuance and understanding will still be done by a human, allowing them to focus on more consequential and strategic tasks.
HiveWatch has been really successful in building technology partnerships across the security ecosystem and those collaborations have been a key part of our success to date.
Expanding these partnerships to include forward-thinking technology companies that are creating solutions to real-world problems is at the core in the coming months.
Layering not only the incoming data from access control and video systems, but mass communications, risk intelligence and more, will expand the ways that HiveWatch is used to eliminate the silos that keep security programs from making a real impact across the business.
Every day, I see a resistance to change surrounding technology and a lack of knowledge around data implementation and artificial intelligence tools.
There’s a fear that systems have to be in a certain place of readiness before they’re ready to deploy a product like HiveWatch.
The reality is that your system will never be in that place.
The idea of HiveWatch is that it’s built to sit on top of your messy system and we help you get it to the place it needs to be to create real impact.
The saying “perfection is the enemy of progress” is a core tenant of ours.
Instead, we emphasize the “just start” mindset. Just start thinking differently about security as a business driver. Just start eliminating the silos. Just start making incremental changes that add up.
While having a master plan is important, we often need to implement it incrementally. Just start – your future self will thank you.
This article was originally published in the October edition of Security Journal Americas. To read your FREE digital edition, click here.
