Over the past few years financial services has become increasingly aware of the power of data – but when it comes to leveraging the data they need for maximum benefit, there’s still some way to go.
QOMPLX exists to enable organisations in gaining and maintaining a secure, scalable, and stable data supply chain, bringing together disparate information to improve performance. Founded in 2015 by military veterans Jason Crabtree and Andrew Sellers, the firm uses analytics, machine learning and more to enable better decision making based on ‘ground truth’ observations. The pair founded the firm following duty in Afghanistan and Iraq, and eventual service in the cybersecurity community, where they worked on very large data and risk programmes. “The problems we were facing on the defence and intelligence side were the same faced by financial institutions,” recalls CEO Crabtree. “All this data is coming from these different places, what the hell do I do about it?”
The now 160-strong company focuses on collecting, adjusting, cleaning and organising data – at scale, fast and cheap, saving clients years of research and development or the costs that can stem from practical challenges of integrating many point solutions. Crabtree and Sellers see this type of multi-source data fusion at the centre of opportunity in finance and other sectors. The most important use cases for the company are currently in cybersecurity where it focuses on keeping client information safe and secure by fixing key challenges in enterprise authentication and privilege management. The aim? To ensure users’ identity on enterprise networks and then use the platform to enable consistent operations in data supply chains and help organisations stay accountable. “Today, not many organisations could tell you if they changed a data set, how it would actually flow through and impact the series of decisions made,” Crabtree explains.
The core element for managing data, particularly within financial institutions, is authentication. “One of the critical challenges in the world today is the abuse of privileges within organisations,” says Crabtree. “Whether you’re a client or an internal user, I need to know who you are so I can check and enforce what you’re allowed to do.” A large portion of high-profile breaches and business interruptions – including ransomware – in recent years have heavily relied upon the abuse of data privileges, so secure architecture for authentication is vital. Authentication is the apex of security control in security and network operations.
While organisations can have tens of thousands of different services doing authentication, QOMPLX has built an application that uniquely checks the legitimacy of every key used in each authentication event. QOMPLX takes what Crabtree describes as a “firehose” of information, maps it and helps the client to use all this data to influence decisions on risk and user privilege. This helps major financial firms ensure their security programs are up to snuff by addressing and evidencing a key risk area to enterprise risk managers and to regulators.
In developing this solution, it’s vital to truly partner with the client, understanding the business case and goals, rather than simply acting as a vendor with a particular product or solution. “We do critical infrastructure, so we’re providing pipes and iron for them to send data through and build on top,” says Crabtree. “In this relationship they have to know we’re going to handle their data at scale in a secure fashion and take away some of the operational complexity that limits how fast they can go after new business cases.” QOMPLX notes that it has clients sending many terabytes of data per day through its services and that it is designed for petabyte scale analytic use cases across cybersecurity, insurance and finance.
Earlier this year, QOMPLX announced over $76mn funding from experienced financial services investors and operators led by Motive Partners and Cannae Holdings, which Crabtree says the business will use to expand its sales and marketing efforts now that it’s fully out of its R&D phase. “It’s not enough just to be clever. You need a global, world class team of people to provide, operate, maintain and enhance this type of infrastructure.”
QOMPLX has also made a number of recent hires supporting its commercialisation drive including John Ferrari as Chief Administration Officer, Andrew Jaquith as Chief Information Security Officer and head of the Cyber Division, and Bill Solms who will head up the new Government Solutions Division. Crabtree hopes this division for a growing customer base will give QOMPLX a channel to “appropriately interact in a focused way with a group of clients that have a meaningful need but also unique requirements”.
As financial institutions and indeed government entities increasingly rely on data to transform their operations, Crabtree warns they must seek to fully understand the information they hold and how it can be used. “If you’ve got a treasure trove there are plenty of people who want to come and look through that treasure, see what there is and what they can do with it.” Security must be at the centre of initiatives to gather and utilise information for new offerings and services.
Moving forward, Crabtree acknowledges that finance companies are displaying increasing “thoughtfulness and intention” around the data they gather and how it drives action, but says there’s substantial room to go further and accountability is key. “The last thing you want to do is take on additional liability and responsibility of holding on to some piece of information if you’re not actually going to leverage it to improve the client experience or drive revenue,” he explains.
This is why understanding the supply chain of data – where it comes from, how it is enriched, transformed and it’s used – with the help of QOMPLX will prove vital. The accountability for this is, and will continue to be, driven by the customer. “It’s not acceptable to say ‘my computer ate my homework’,” says Crabtree. “You ultimately own the decision and you’re doing things that are critical and impact people’s lives.”
