ZeroFox, a provider of cybersecurity protection and intelligence solutions, announced earlier this month that it is expanding its technology to the physical security market through the introduction of its new “Physical Security Intelligence” solution.
The platform is designed to provide corporate security personnel with real-time visibility and intelligence on issues related supply chain disruptions, as well as public safety incidents with the potential to impact organizational worksites and employees. Additionally, the company says the solution will deliver critical information and context to help organizations understand the nature of incidents and their potential impact, data related to the protection of executives or VIPs, and threat analysis of various events.
While the company has built a reputation for itself in the cybersecurity realm with its digital risk protection offerings, ZeroFox Vice President of Intelligence AJ Nash says that they have expanded their solutions suite more recently via the acquisition late last year of threat intelligence services provider Cyveillance and their purchase of dark web threat intelligence firm Vigilante in July, to become a “full intelligence company” with physical security intelligence being a logical extension of that.
“Digital risk protection is still a massive part of what we do, but we are really growing into a larger intelligence offering,” Nash explains. “Physical and cyber tend to be connected – a lot of folks don’t realize that – but a lot of times when there is a physical event, you’ll see that in cyber first and there is a lot of demand for intelligence that crosses those lines when you get into things like executive protection, facilities [protection] and there’s several areas where physical [security] is very important.”
Open and Dark Web Monitoring
Though there are a variety of threat intelligence solutions available on the market to physical security professionals, Nash says they have a “massive” data collection capability from both the open and dark web that others simply do not, and they can therefore see a greater amount of “chatter.”
“Adversaries that often intend to do physical harm have partnerships or allies and have discussions about subjects,” he adds. “Being able to get into closed forums and encrypted conversations and have folks available to witness what is going on, that chatter and bring that out is incredibly valuable when you talk about planned operations of some kind.”
For example, several years ago, Nash says while he was still working in the financial services sector that hacktivist collective Anonymous launched a cyber-attack campaign that targeted banks which also contained a physical demonstration component, thereby making the issue both a physical and cyber threat.
“Being in a position where you are cyber intelligence, but you are notifying your physical security team and your executive protection team of potential threats to facilities and pre-positioning as needed to prevent any problems is a huge value to have,” Nash says.
Another thing that differentiates the ZeroFox Physical Security Intelligence solution from other security data aggregation platforms, according to Nash, is the personnel component.
“Most who serve [the industry] in a fashion like this – it is all automated – they pull in a lot of information, and they automatically push it back out, there is some AI and some ML there I’m certain to reduce the noise, but it is by design going to be somewhat noisy,” he says. “In fact, some customers want the noise, they are fine to go through that because they want to have a hold of everything - they have the time and the energy. Most in the industry don’t though and we have experts who curate material, so we make sure what is coming out is a more targeted feed that is designed to have great impact with less effort, frankly, which is what most folks in the market want.”
Go-to-Market Strategy
Nash says that the company will be selling the new physical security intelligence offering both direct to end users as well as through their various channel partners.
“The key piece is to make sure we’re identifying the right buyers,” he says. “We want to make sure we identify the people that are going to get the most value out of this and that’s a bit of a move in this industry. The folks that are typically going to buy cybersecurity [solutions] are not going to buy brand protection and digital risk [offerings]. Folks that buy digital risk often are not the folks that are buying physical security and those folks might not be the ones who buy cyber intelligence, the deep and dark web intelligence pieces. It’s important to identify the buyer in every industry and every company that is going to get the most benefit.
Joel Griffin is the Editor of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].