Episode 124 of the Public Key podcast is here! There are surveys that say 92% of the law enforcement analysts surveyed are unhappy with their tech stack they have today. This is a huge disadvantage when you are investigating some of the most sophisticated transnational crime organizations around the world. In this episode, we speak with John Randles (CEO, Siren), who explains how their investigative platform is able to unify the digital battlefield to aid law enforcement and the private sector.
You can listen or subscribe now on Spotify, Apple, or Audible. Keep reading for a full preview of episode 124.
Public Key Episode 124: Unifying the Digital Battlefield: How Siren Aids Law Enforcement
In this episode, Ian Andrews (CMO, Chainalysis) speaks to John Randles (CEO, Siren), who shares how their team’s investigative platform unifies multiple data sources including blockchain and social media, to streamline and enhance complex investigations.
The duo highlight the many challenges law enforcement faces with outdated tech stacks and bottlenecks in training new recruits and implementing new automation and technology.
John also shares the significant technological shift in criminal investigations and the escalating complexity of global crime, necessitating state-of-the-art tools to keep pace with law enforcement.
Quote of the episode
“The sophistication in the criminal world at hiding their fingerprints across the digital footprint is incredibly sophisticated now as well.” – John Randles (CEO, Siren)
Minute-by-minute episode breakdown
2 | Introduction to Siren and their mission to improve the law enforcement analyst experience
6 | The challenges with modern day police investigations with emergence of social and crypto
13 | The story of building a tech company in Galway, Ireland and attracting VC funding
18 | The challenges law enforcement faces in processing a vast amount of data
22 | How Siren is using AI to assist in explaining knowledge graphs to law enforcement
26 | Understanding policing intelligence from strategic to tactical
29 | The evolution of criminal activity over the last 10 years
33 | The future of Siren and evolution of AI and data
Related resources
Check out more resources provided by Chainalysis that perfectly complement this episode of the Public Key.
- Website: Siren: All-in-one investigation platform
- Blog: Why automation is essential to move faster than the speed of threat
- Announcement: Partnership Between Siren and Chainalysis to Trace Blockchain Transactions And Disrupt Illicit Activities
- YouTube: Chainalysis YouTube page
- Twitter: Chainalysis Twitter: Building trust in blockchain
- TikTok: Building trust in #blockchains among people, businesses, and governments.
- Telegram: Chainalysis on Telegram
Speakers on today’s episode
- Ian Andrews * Host * (Chief Marketing Officer, Chainalysis)
- John Randles (CEO, Siren)
This website may contain links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.
Our podcasts are for informational purposes only, and are not intended to provide legal, tax, financial, or investment advice. Listeners should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material.
Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material.
Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Chainalysis. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Chainalysis employees are those of the employees and do not necessarily reflect the views of the company.
Transcript
Ian:
All right, we’re back with another episode of Public Key. This is your host, Ian Andrews. Today I’m joined by John Randles, who is CEO of Siren. John, welcome to the program,
John:
Ian, thanks for having me. Looking forward to the conversation.
Ian:
I am too. Yeah, we’re recording this hot off the heels of Trace DC, our big public sector conference that I run at Chainalysis. And you all were one of the sponsors there, one of the, I think hottest booths in our sponsor area. A ton of interest in your product. So I’m excited to share with the public, Key audience, what you all are up to. We’ll get into your background, but maybe first for people that haven’t had the opportunity to hear about Siren or see the product before, let’s start with a brief overview. What do you guys do?
John:
So what we do is we develop an investigation platform, right? And what that means is we’re really about bringing what we call the world’s largest investigative data set together with enterprise scale investigative analytics, together with what we call our real data and domain experience. So we’re really combining those three things for law enforcement, national security, and defense. And it’s really about helping improve the analyst experience. Right? So, from our research, 92% of the analysts we survey are unhappy with their tech stack they have today.
Ian:
Wow.
John:
It typically takes between six and 18 months to train somebody to be an analyst. They have between 12 and 15 different tools they use to do the job. So they’re really using an outdated tech stack to solve a problem that’s incredibly complex today compared to when those tech stacks were built 20, 30 years ago. So we’re developing what we call an all in one platform for investigators for it include blockchain data, dark web, social media, news, company data, everything you need for an investigation. But the really important thing is linking that to the on-premise classified information, and together you can build real insights and solve some problems, get the bad guys very, very quickly.
Ian:
It was really interesting, at the Trace Conference, I hosted a panel talking about fentanyl in the dark web with a few customers in the public sector space. And one of the individuals on the panel made the point that 20 years ago, a narcotics’ investigation was pretty simple. You’d identify individuals who were involved in the trafficking of drugs, you’d go get a subpoena for a wiretap, you’d listen to their conversations, you’d identify all the related people in the network, and eventually you’d arrest them.
John:
Yeah.
Ian:
Today in order to trace one of these cases, you got to have multiple laptops. You got to have technology to mine information across the dark web. You got to be able to trace transactions across the blockchain. It’s suddenly a very technology heavy investigative experience. I have to imagine that’s driving some of the problem that Siren is solving.
John:
Oh, absolutely, absolutely. And what’s really interesting is the problem has changed as you described, because it’s now a very technical problem, and therefore the analyst that can really solve this problem is incredibly hard to find, right? Because you need to be part data scientists, part data engineer, a coder, an analyst, domain expert, and a great investigator. So you’re really raising the bar so unbelievably high. It is very hard to recruit, but also because most analysts don’t have all those skills, it becomes very difficult to retain because they’re widely frustrated then. So that shift from what you described at the start as being a wiretap, a network subpoena, US somebody, that’s what I described as a desktop problem. There’s a small enough set of data, you sit on one laptop, you got one graph browser, you can put the whole investigation together and you can solve the problem.
And that worked for a really long time and it was really good and really successful and people were very happy with it. But the criminal world moved on. The criminal world moved to whether it was blockchain, whether it was dark web, whether it was social media, all these different touch points, all the digital signal is just all over the place. The sophistication in the criminal world at hiding their fingerprints across the digital footprint is incredibly sophisticated now as well. So you have to catch up. And when criminality is transnational and where there isn’t the same locality or location intensive nature of it, and it is just part of large networks of organized crime, the technology has to keep up. And it hasn’t because I think we’ve had a follow period of investment in this space, but this is why we’re seeing some massive interest in Siren now because we’re bringing big data, advanced analytics to something that hasn’t been an enterprise perspective on it or a big data perspective on it before, or if it has, it was just so incredibly complex it wasn’t suitable for law enforcement.
Ian:
Yeah. Talk about the customer, your ideal user and buyer of the technology, because I suspect it’s not exclusively the really large top of the government agencies who can afford hundreds of millions of dollars on a deployment. You’re actually going after people that are maybe a little bit closer to the work.
John:
Yeah, absolutely. Look, we deal with the biggest law enforcement agencies, but we deal with very small ones as well and everything in between. And that’s what we like is the flexibility and the agility, but it’s not a huge lift. So typically say in the law enforcement world, to get real value from something like Siren, you’re looking at deploying a search capability primarily because there’s three steps in what we do. One is we search, then you will run analytics, and then you generate reports. So what we do in the law enforcement context is we try and capture the internal data. So that’s typically your records’ management system, your computer aided dispatch system. It could be your digital forensics data, it could be your jails records. And then that gives you a very good perspective of what the law enforcement agency already knows. Then you’re connecting to the outside world and saying social media or blockchain data or dark web.
And then in about 35, 40 days, you’ve got an environment where you’ve actually put light on all these things that you couldn’t do before, or you’ve given the analyst or the investigating officer or even the cop on the street, the ability to do a search across all these things that they were never able to do. Because I spent some time in a police department earlier this year in California, and the amazing thing when I sat for a day and went through every system they had to work with was that something like 14 systems. And the hardest thing to do was to say, tell me everything about somebody. So tell me everything about John Randels was an incredibly hard question to answer. So typically they didn’t ask it then, right so it was hard to consolidate, so it didn’t get asked.
Ian:
Yeah, yeah.
John:
I mean, it seems what the end up doing is almost providing the first level of an enterprise search capability. And once you do that, it’s amazing where light bulbs start going off. And I can see this. And to your earlier point, it’s not just the large mega budget organizations need this, but all these organizations need it because they’re floundering without it.
Ian:
Yeah. It’s amazing what you said there about they don’t ask the question that I would think would be central to every single investigation.
John:
Exactly.
Ian:
Show me everything that I know about John Randels should be the starting point I would think in a lot of cases.
John:
Yeah. But the interesting thing is you find out what you know about John Randels in the system you ask, right?
Ian:
Yeah.
John:
So you ask the dispatch system, it’ll tell you what it knows. You ask the records’ management system, it tells you what it knows. It won’t tell you the combined version of the two of them. And the really interesting thing was when, this is where it steps into the crypto world is, where you join to the forensics world, right?
Ian:
Yeah.
John:
Where phones captured at a crime scene, phones were captured when somebody overdoses, unfortunately. And then you’ve got amazing insights that you are able to join together from that phone data to the internal records to potentially finding crypto wallet addresses to find. So you start tracing, you start really not thinking about the restrictions of your systems and how they work, but you just start following the data and wherever that data brings you,
Ian:
It sounds amazing. I am on one hand thinking, wow, where can I sign up to buy some? On the other hand, I am wondering, is it too good to be true? So what’s the technical innovation that allows you to tie all of these systems together? I think my experience has been the data integration has historically been the hardest part of these problems. The reason why a customer might have 14 different systems with elements of your identity or information about you is because the integration’s too expensive or too technic complex to do. So it just never gets done. What have you guys figured out that everyone else has failed that up to this point?
John:
Yeah. Look, I think it goes back to our founding as a university spin out from the University of Galway. Look, I got involved at the seed stage just when it was spinning out from the university where the core innovation at the time was around information retrieval or building a semantic web or building a web of data based on search technology. So what we effectively do is we turn a straightforward search engine into a knowledge graph or a knowledge representation without having to do the traditional ETL data integration. Like you said, people don’t integrate systems because it’s expensive. So if you can make that dramatically easier, then you will do that. So all of our patents are based around that core integration technology, which allows us to turn a search engine, which traditionally is a single index, and you search on one index that we allow joins across index.
So now you have a person index, you have a phone calls index, you have a blockchain transaction index, you have multiple… So you can load all your data from every different system onto its own individual index without ever-changing the data. You leave it just as it is. So traditional integration changes, everything maps, everything changes and maps. So we leave it all as it is. And we have a very unique innovation around having an agile data model, which has primary and foreign keys around each individual index and how they talk to each other. So once you do that and it’s a matter of a day or two to get one of these models up and running, you can start testing the data, you can allow your analysts to ingest their own data. You can get going very, very quickly. And once you do that, then you can start opening up that opportunity to implement a search experience that people haven’t had before. Because oftentimes people don’t trust integration projects because they take too long and they cost too much. If you see something quickly, then you start trusting it, right?
Ian:
Yeah. So, in the example you gave earlier the customer with the 14 different data sources, you’re saying a typical Siren implementation, you could have a prototype environment up and running where those 14 data sources may be in 30 days or so. You’ve got query ability across that entire landscape.
John:
Exactly, exactly. So it really changes it from being what if you looked in a traditional mode of doing something like that, you’d be thinking about an 18 month to two year project, right? So these days they don’t get approved. I’m not going to start because two years could be longer than that, and life’s too short and budgets are too tight and it just tends not to happen. And when we got into this industry, and really proved ourselves, we used to have to do that implementation first before clients would sign up. So we had a major organization who had about 16, 18 different systems that we integrate in about five weeks. And they were saying we were planning to do that over in about the next 18 months to two years. And you’ve just done that. That’s interesting.
Ian:
Yeah. What a great user proof point. It’s fantastic. Question for you, slightly different topic. So the company was founded out of research that was done at the University of Galway.
John:
Yeah.
Ian:
You get an award as the first company headquartered in Galway, Ireland to be on the podcast, I have to say-
John:
Thank you. I’m honored.
Ian:
Absolutely. I have to say, actually, in my time in technology, I can’t recall ever talking to somebody that was at a company where Galway was the headquarters. So talk a little bit about the experience building a company over the last eight, nine years coming from Galway.
John:
Yeah. Look, in terms of why Galway, one is, it’s where the founding seeds were set in all research department, there’s a massive research institute called the Inside Center. It used to be called Derry and University of Galway, and there’s literally PhD students from all across the world. And a French man and Italian man met in Galway and set up a company. So Siren actually stands for Semantic Information Retrieval Engine, right?
Ian:
Oh, wow, okay.
John:
So, yeah, it’s a happy coincidence. It’s a good name for what we’re doing now. So in terms of the experience, most people think of tech and Ireland around Dublin, right?
Ian:
Yeah, absolutely.
John:
Dublin would have the great reputation for that, and it is a great scene for it. But what I love about Galway is it has more air… Companies like Siren have more air to breathe. You’ve got more of a captive audience with local tech community looking for jobs. You’re not competing. Every mega tech company in the world has a Dublin headquarters, so you end up competing with all of them. So Galway doesn’t have that same concentration, but it’s got a great concentration of local Galway tech companies and it does have a multinational element to it, but it’s from a very wide disperse community.
You have people like Boston Scientific, you have Fidelity Investments, you’ve got Genesis, you have a lot of different type of companies. So what we love about Galway is we have a constant stream of graduates from University of Galway, and we go there. I almost say to people, would you like to join a company where you’re in the headquarters or would you like to be in a remote office that nobody really knows you at headquarters?
Ian:
Right, yeah.
John:
And there’s a great community among the tech sector in Galway as well. So, yeah, I’m honored to be the first Galway headquartered company on the pod, but hopefully not the last, hopefully not the last.
Ian:
Yeah. Well, maybe you have to introduce me to some more. Obviously my network is a little thin in that part of the world.
John:
Yeah, exactly.
Ian:
Well, maybe you got to get to Galway. It’s a great part of the world that was… I’ve been to Galway over 20 years ago.
John:
Oh, wow.
Ian:
Yeah, so it’s been a long time. I’m sure it is changed quite a lot since I was last there. But talk a little bit about what it’s like to build a global company coming from Galway. I’m curious about fundraising. We have a lot of tech CEOs who have been guests and listen to the podcast, and I would imagine that presents some unique challenges in terms of the capital allocation side of things.
John:
Yeah. Look, regardless of where you’re headquartered, there’s always challenges, right? And we see ourselves not as a Galway company, but an international company. We also have development centers in France. We have development center in Italy. We’ve a large presence now in the US. So we do see ourselves an international company. Look, one of the things that we were lucky about in terms of our initial fundraising was the last company I worked for was a company called Polar Lake that was acquired by Bloomberg in 2012. So our initial largest investor was a company called Atlantic Bridge who was part of my last venture. So that helped a lot in terms of fundraising.
As I said, the best form of qualification is to go back to somebody that you made money for before. So in terms of the investors we’re able to attract was based on the fact what we had great technology regardless of where we’re headquartered and also because of where we’re headquartered. Because look, Galway is more capital efficient area to build a startup than Silicon Valley, for example. So once you can get the capital, and we brought people in a European investment bank and some other investors and they were looking at are you differentiated? Are you of value? Are you solving a meaningful problem for the community that they all care about, which is a society problem, societal problem? And yeah, once you can answer that questions, people forget about whether or not you’re in Galway or not. And it’s interesting, when you get investors to make the commitment to make the journey to, it shows that they’re serious as well.
Ian:
That is amazing advice, actually. Get them on a plane, have them-
John:
That’s right.
Ian:
… have them seen what they’re missing. Yeah, that’s right. Yeah. Fantastic. So I’m curious, as you have built the global customer base, are you seeing different sorts of usage depending on the market or the problem set that you’re addressing almost universal, whether you’re in Malaysia or Italy or the United States?
John:
Yeah, it’s interesting. A few years ago everybody was saying how different the problem is everywhere and how unique people were. And the more and more we do this, the more commonality we see. They might have concentrations on things like it might be more of a narcotics focus in one area. It might be human trafficking in another area, it might be online hate, but there’s a universality in it as well because people are just trying to find where the crime originates. And oftentimes what we see globally, this is almost without question, is something that might start as a narcotics’ investigation, then turns into human trafficking investigation, then turns into a counter-terrorism. And you can never, this is what I love about this business. You can never say upfront where the thread is going to lead you or where the initial clue will ultimately unpack when you see the big picture.
And we see that on a global basis. And I think as well, what we’re seeing now, which maybe wasn’t there a few years ago, is this a global realization that there’s a lot of data out there in the world and you have to use it and that you can’t ignore it anymore or you can’t pretend it doesn’t exist or you can’t say that crypto isn’t important because it is to your investigation, as well as the dark web as well as social media, as well as all that internal data. And people are starting to realize I’ve got so much good internal data, but I’m not making the most of it. That’s the common thing that we see globally is that frustration that we haven’t been able to digitally transform while our adversaries in the market do nothing but digitally transforming into the most sophisticated types that they can be.
Ian:
Yeah, that’s a consistent refrain that I hear is that the criminals are very good at adopting new technology to their advantage. And then law enforcement is often a step or two behind where the opportunity exists to use technology as a massive force multiplier and level playing field, but they just haven’t been able to get there in certain cases. I’m curious about, one of the features I think that you advertise of the product is the fact that you’ve got out of the box integrations into lots of publicly available data sets. You mentioned social media, I think there’s a number of other open source intelligence or threat intelligence providers that you’ve integrated with. You obviously connect into the chain analysis ecosystem as well for blockchain intelligence. For a typical customer, how much of what they’re using your tool for, is that publicly available data category relative to data they’ve got in proprietary or private systems they’re running? How does that break down?
John:
Yeah, that’s a great question. And there’s a variability to that. You could think of it in a way that some clients, it’s about 70% internal, 30% external. And with some use cases it’s the opposite, right? It’s almost equal and opposite. But even when it’s like 15 to 30% is external, that’s the secret bit of solving the problem.
Ian:
Yeah.
John:
So even if it’s a small by percentage of data volume, it could be hugely impactful in terms of solving the problem. So it’s almost like we see them as two sides of one coin, right?
Ian:
Yeah.
John:
And it comes back to my own background where I worked in Bloomberg for a number of years after they acquired my last company. And what I saw in Bloomberg, particularly with the Bloomberg terminal, was the power of having data at your fingertips. So they 325,000 users, which were able to just type in a security type in a nice NRQ and they would get everything they needed to know about that. And they were able to trade and they were able to do all the processing, all the news, everything to do with that environment.
So that’s really our vision. With Siren is to do that for the law enforcement world where we can connect everything they need. And we’ve built a classifications scheme across eight different types of data, similar to what Bloomberg did with the yellow keys on the keyboard, which is effectively equities, bonds, munis, govies, commodities, et cetera. So we think it’s incredibly important that we have as much data available as possible because once you have that, people keep coming back to that environment because they keep unraveling the thread because searching on the internet is an incredibly dangerous thing to do for law enforcement, but it’s also incredibly time-consuming, and you end up not getting the answers as quickly as you should be getting it.
Ian:
Yeah. I am curious about the intersection of your product and artificial intelligence. Because I would have to imagine for your users, it’s tremendous to have all these data sources integrated, but there’s a context setting I would imagine moment of like, well, what is this dataset? What is it useful for? This number that I get out of this system means what exactly?
John:
Yeah.
Ian:
That has to come along, and the more systems you add, the more complex that gets, and then onboarding. And it feels like that’s something that we’re seeing the generative AI tools get very good at. Is this context setting summarization, explain to me what I don’t know and explain it to me like I’m five domain.
John:
That’s a fantastic point. And effectively our founding and research is all around knowledge representation, which is really a fundamental part of AI. How do you semantically understand this data? So that’s what our underlying data model does, but to bring it to a much higher level, and what we’re doing now, particularly around generative AI, is we’ve done some amazing things recently around, say for example, a knowledge graph that somebody builds that’s a network of criminality. And what we often find is the people who’ve built that graph understand it, but nobody else does. Right?
Ian:
It looks like a pile of spaghetti to everybody else.
John:
Exactly. So, traditionally, it has been very hard for people to communicate effectively what that graph is telling you. So what we’ve done recently, which it is one of my favorite features recently, is we take that entire knowledge graph as a parameter and feed it to gen AI, and we get the gen AI to explain what is in the graph. So instead of handing over a graph, now we pass over a document with the graph which explains what’s in the graph, right? And what’s amazing is when it’s a really useful use case because people worry about hallucinations, people worry about is it going to describe it effectively, but a knowledge graph is so tight in its definition, it’s very hard to loosen it.
But now we’re able to package up the graph plus a description of the graph, which is actually usable by command staff who can follow along and say, oh yeah, this person was calling this person, which was with somebody else, which is suspicious activity here. And instead of having to figure that out graphically, you do a true text. And we’ve also enhanced the graph to allow people to annotate it, to put bullets in, to tell more of the story within the picture itself. But with gen AI, you’re doing things like that. And then the other stuff we’re doing at the front end is to, instead of having to train people on a search or analytics, we’re putting in text chat interfaces. Tell me what is any activity between this person and that person and should I investigate further? And if you use pure gen AI tech in law enforcement to do that, again, the number one question is hallucination.
Number two is security. But if you’re doing it where all we’re doing is getting the gen AI to generate the query of Siren, and Siren has the controls and the audit and the security and the explainability of that question and answer, then we’re able to give back a very meaningful question. I, again, go back to the problem definition we talked about earlier. When you have between six and 18 months to train somebody, training is the biggest problem. People get promoted, people leave. There’s a lot of reasons why you have a churn in an environment, but if you can have a zero… Our goal is to be able to use Siren with zero training and you don’t have to go on a training course and all that. But I think gen AI is a huge role to play in that in the future.
Ian:
Totally agree. I would say amongst our customers, their biggest complaint is that it takes about nine months to grow a new investigator who’s capable of operating in the domain we’re talking about. And when you’ve got an average duration in role is two to three years, if you’re thinking about nine months ramp, you’re never going to get ahead of that curve.
John:
That’s right. Somebody who runs a business myself, if somebody was hiring somebody for me today and said they will be productive in nine months time, I’d say, fine, we’re not hiring them.
Ian:
Yeah. That’s right.
John:
Yeah. We’re just not hiring them. And this is where we expect this to be normal for larger organizations, we wouldn’t accept it ourselves.
Ian:
Yeah, that’s right. That’s right. And I think it’s incumbent on us as product people in this space to figure out how to help our customers solve that problem.
John:
Exactly.
Ian:
If we can shorten that time to grow a new investigator, it can have real meaningful impact on our customer’s mission. I am curious, a related topic. I think the history of policing has been generally reactive. Some crime is committed, victim of that crime reports it to the police, police respond, hopefully they catch the bad guy, they recover the stolen funds, a happy ending. It seems like with the available information that we have just publicly available, that your tool collects, that our platform collects, there’s an opportunity to shift the police activity ahead of the crime, potentially stop the crime before the victims are actually harmed in certain cases. And I’m curious if you’re seeing this at all in your business and in the way that people are using your product.
John:
Yeah, absolutely. I think what you’re talking about there is the whole role of policing intelligence as opposed to criminal investigations. One is strategic, one is tactical and short-term, and I see much more interest and focus on policing intelligence where we’re saying, look, some of these problems are too big for us to just keep reacting because it is a bit of a whack-a-mole. I am not getting to the source of the problem. And this is where you see state local agencies cooperate with their fusion centers looking to do more data sharing, looking to be much more strategic in their outlook of how they look at a policing problem.
And this is where with all credit to the law enforcement community, there’s genuine interest now in looking at the problem differently than they did 10 years ago where it’s working with companies like yourselves on the blockchain side of it, working with companies like Siren, the investigative, putting it all together and all of our partners around the Olson community company data and news, there’s an appreciation there now. And look, it’s not everywhere, it’s not always equal. And people often do get overcome by the tactical, but we see much more of a push when people have either the mind space or the budget. They are going after it in a very strategic way that it wasn’t five years ago.
Ian:
Yeah, it’s great to hear you say that. And it’s similar to the perspective that I see with our customers where there’s an appetite, but I worry about the capacity, going back to our comment about how many analysts and investigators can we get really competent and capable in the space, so work to be done.
John:
Yeah, look, that’s an interesting word, capacity. Because look, every change takes some capacity. You can’t have somebody work 14 hours a day at their everyday job and expect them to work on the onboarding of a new product like Siren. It just doesn’t work. So there has to be some capacity in there. And that’s sometimes what I do worry about when we talk with clients where they’re running on Max and when you run on Max, you don’t have capacity. And that’s where whether it’s working with partners, working with them to do things in parallel, which have a lower impact, it’s just really important that they do have the capacity to take it on, because change does take an effort. Even if we’ve got great technology, you still have to work at the change.
Ian:
Absolutely. I am curious, you’ve got such a great perspective across industry and law enforcement organizations all around the world. When you think about the types of criminal activity that they’re facing, has there been any change over the years for Siren in terms of the things that really matter and that are driving a lot of focus and attention?
John:
Yeah. I think you can almost see… Change happens through events. So the last nine months is a huge focus on counter-terrorist financing. Right?
Ian:
Yeah.
John:
But before that, you may have had a huge focus on crowd control. COVID had its own set of events where people were looking at disinformation, and I think in certain parts of the world, things like contact tracing. So in the last couple of years you will have seen a huge focus on fentanyl coming across the border, southern border in the US. Another big topic that we see globally now is things like vetting for officers in policing. Because a lot of parts of the world, one of the things we see globally is people looking to automation now because they can’t recruit, right?
Ian:
Yeah.
John:
The other thing that they’ve done in the past, in the recent past, is lower their standards because they can’t recruit. And some people are regretting that. And then standard vetting or traditional vetting often doesn’t find people like that. But oftentimes we’ve seen police officers who’ve been caught for criminality or really outrageous behavior. It was partly obvious to them after when they look at their social media profile and who these people really were or when they were hiding a social media profile, all these kinds of things unpacking. So, again, it all comes back to what are the events, where’s the criminality, where’s the money going? And you have to be prepared to move with the times. So you can’t just say it’s this and it’s this and it’s going to stay like this. You just have to look at where the data is flowing, where it’s coming from, where it’s going, and what’s the purpose of it.
Ian:
How much of that event driven trending drives your product development strategy? Or do you all stay focused on a core north star vision?
John:
Interesting. There’s actually two legs to it. So one is our core product engineering. So that’s always driven by the usability, the experience, the collaboration tools, things like performance scale. So that’s more predictable in that sense. So that’s classic software engineering. But in terms of the data we integrate that is really driven by events. So somebody might say there’s a particular type of cyber threat feed that’s very good at ransomware, that’s very good at linking it into chain analysis in terms of blockchain, we need to have that because there’s been a spike in that activity. So we actually split the team into two different teams.
So one that can react really fast based on data, and one that’s on a a steadier state running of engineering, which is looking at features, usability. And look, once as we expand our community of users, and we’ve gone in the last six, eight months from being purely analyst focused to right across the organization. So we’ll have users in the dispatch center, we’ll have users in real-time crime center. We have command staff, we have the criminal investigations, the forensics, plus training centers. Training centers is really important for us because they help educate people on what’s happening with data, which is really cool.
Ian:
Yeah, it is fascinating. It makes me wonder what’s the most unusual data you’ve been asked to integrate into the system where you just said, “Wow, what is that about?”
John:
Yeah. Look, the unusual data is usually the classified information that people have that is classified. So I can’t comment too much more on that. Interestingly, most of the stuff that’s out there is pretty vanilla, right?
Ian:
Yeah.
John:
It’s pretty vanilla. But if you think about it this way, there’s a lot of insight hiding in plain sight, right? And you’ll know that through the blockchain world. Absolutely. It’s public. It’s on the blockchain by definition, but you have to know what to do with it.
Ian:
That’s right.
John:
And I think that’s true across the spectrum of data we deal with. So it’s out there, it’s public, there isn’t a lot of mystery tip, but you just have to know what to do with it and how to knit it together.
Ian:
Yeah. I mean, in our case, the blockchain transactional data is, anyone can go look at it, but it is fairly difficult for humans to interpret it on its own.
John:
Exactly.
Ian:
Yeah, exactly. You’ve got all these strings of letters and numbers that they’re effectively meaningless, and it is now at such a scale. Even if you isolate down to one network like Bitcoin or Ethereum, that is very hard to comprehend the totality of it as a human, right? It is much easier for computers, but that semantic layer on top of it, in our case, what we call the knowledge graph, that allows you to say, well, all these transactions are controlled by this particular entity, suddenly gives meaning. And with that, you get some utility from the information that allows you to start to do things like MAP or ransomwares organizational infrastructure because you can see all their payment activity to suppliers. Or same thing with narcotics trafficking and purchasing of upstream precursor chemicals to say manufacture fentanyl. Now you start to see where these organizations-
John:
Yeah, you’re telling them a story.
Ian:
Yeah. Yeah. Yeah. Well, my customer closing question is I always love to look to the future. What’s on the horizon for Siren over the rest of the year that you’re really excited about
John:
Yeah. In terms of the rest of the year, look, the second half of the year on our product development, there’s a load of stuff we’re doing around gen AI, right? I talked about the generating reports, the interface evolving. That’s going to evolve to speech, that’s going to evolve to just different inputs. We already are using gen AI around localization for many, many different languages. So taking the entire front-end context for everything Siren that we’ve generated, something like 15 different language sets now, so that internationalization. So there’s a lot of really cool stuff around that. I think we continue to grow the data components that we integrate with, so we’re just getting richer around that. And we do a lot of work as well on workflow and case management. So integrating to more and more third party case management tools, which again helps the whole intelligence life cycle. So, yeah, we set out this year as the year of analyst workflow, and next year then we’re thinking of just more around collaboration and how do we collaborate better, and not just within our organization, but cross organization. So we’re really excited about that.
Ian:
Fantastic. I can’t wait to see some of those products come to life, John. This has been an exciting conversation. I learned a lot about Siren, and certainly going to be watching excitedly from the sidelines as you all continue to develop.
John:
Great having the conversation. And appreciate the opportunity, and love partnering with Chainalysis. Thanks for everything.
Ian:
Thank you.