When you are trying to manage the risk of a global organization, it is what you don’t know that has the most potential to damage your operations. For Will Anderson, the CEO of the newly merged Resolver Inc., a risk mitigation software solutions provider that recently joined forces with PPM 2000; it is all about providing clients the right analytic tools to help them stay a step ahead of those threats.
“I don’t know if the world is necessarily riskier but it is a lot more complex. As a result of some of these scandals and breaches today, boards, governments and businesses see a lot more risk hiding under all this stuff and they must come to grips with it,” confides Anderson. “So I guess it is the complexity of an increased interconnectivity in the world that has brought risk more into focus and into the spotlight. But it is still hard to know what is going on when all your data is in five different places.”
Late in 2014 when Anderson’s Klass Software group, a leading enterprise software, and growth equity fund based in Toronto acquired PPM 2000; there was already a vision to help alleviate this complexity. The strategy was to take PPM’s incident management solution, used by many large corporations around the world, and integrate it with Resolver’s risk management and compliance software component to create a holistic risk mitigation and detection solution.
“We had a few hypotheses for these types of companies we wanted to buy. First we wanted to align with a company that had the strong market expertise, and people that really knew their space. As a software generalist, I could fix technology, but it was imperative to have deep subject matter expertise. So people like Brian McIlravey (co-founder of PPM and now Executive Vice President of Resolver) were the type of people we were looking for,” says Anderson. “Incident management and security really just risks that becomes personified and real.”
It was just as important to make the ROI real for its potential clients. Realizing that big data is just a big mess without structured analytics, Resolver’s management has charted both a technology and a business roadmap that makes sense Anderson confides.
“You can make the business case for integrating your incident dispatch system with either your PSIM or video management system because the potential payback is realistically just weeks when you realize all the data entry saving you will recoup,” he adds. “The sheer volume of critical information that is lost to investigators because of errors in transcription or errors of omission is a huge issue. Most investigators are harried and too busy to sift through the tons of available data that could ultimately help them solve a case.”
Anderson says that seeing the phenomenal customer base of PPM 2000, which boasts more than 20 percent of the Fortune 100 as a client, it was evident they were clearly doing something right and had the in-house expertise to complement expansion. But he realized that the growth potential was not being optimized as quickly as he would have liked. So by bringing the strengths of both PPM and Resolver together, they could transform the way their customers perceived risk.
“Other companies in this small competitive set couldn’t match PPM in functionality, yet it still wasn’t a giant space. But we are seeing movement. The pure incident management space is no more than $100 million a year. But once you start touching cameras, access control, and situational awareness, now suddenly, that market gets bigger,” explains Anderson. “Then if you go to the software side and start touching compliance and ERM the market gets really big. You go from $100 million to a $10 billion market. This expanded market comes with more challenges as well, though. You have to have a bigger wallet to play in this enterprise space and be a lot more versed in systems integration because no one system does everything.”
Building on the skill sets and expertise this newly merged company brought to the table has been key to Anderson and his staff’s vision of the new Resolver. “We need to take advantage of the good relationships and partnerships already established and expand out from there,” says Anderson. “This is not an industry where you can stand still.”
Anderson explains that although convergent systems are more compatible than they were four to five years previous, there is still a lack of system openness that prevents the full potential of software analytics to shine. The goal is to create a fully integrated platform that connects security with risk management so that Resolver can be in the unique position of offering its customers the ability to address security, risk and compliance requirements in a seamless fashion.
“Big data doesn’t really work in a silo. If your incident report data isn’t talking to your video surveillance data, which isn’t talking to your access control readers or tying into your governance program, then all of a sudden your big data isn’t as interesting and your information isn’t as compelling,” Anderson says. “As a vendor, we don’t have a choice of being open or closed anymore.”
As far as what drives this new marketplace, Anderson feels it is a mixture of both technology and global events.
“There are two elements driving the market. One is the technology. Ten years ago you had to build very specific systems. You had to articulate a specific function for a specific screen. You didn’t have the flexibility to move data around. Changing a screen was a nightmare. The software is a lot more flexible now. You have the ability to have one system take over 10 other systems and streamline functionality. The ability to consolidate systems and functionality has opened up a lot more possibilities,” Anderson adds.
Anderson goes on the say that the security industry is in the infancy of applied analytics. He contends that most software solutions are selling more knowledge than insight.
“With today’s analytics you can ask a question and get an answer -- and that’s interesting,” Anderson continues. “But the analytics are not good enough to predict an off-the-chart risk. They aren’t there yet. But that is better than where we were 4-5 years ago when analytics couldn’t even answer the question. I still have not seen the marriage between pieces of gained insight from your analytics and here’s the subsequent action I will take because we are working with closed systems. The raw technology is there. There is amazing technology around neural-network technology stuff, we just haven’t figured out how to apply it to everyday situations in risk and security.”
