Event Intelligence, AI & Canada: Interview with Andy Ellis

Touraj Riazi had the privilege of interviewing Andy Ellis, current VP of Corporate Strategy at EVNTL. We discussed EVNTL, its use of AI and the implications. Andy Ellis was formerly the Assistant Director of Operations at the Canadian Security and Intelligence Services.

Q: What kind of company is EVNTL? What services does it provide?

A: Knowledge is power. Knowledge enables enhanced preparations and informed decision making. It ensures that an organization’s most important resource—people—is taken care of. Being informed about events also places one in a position to protect their assets and simultaneously grow their business. This is where EVNTL enters the fray.

EVNTL is essentially the fastest messenger of information in the world. EVNTL stands for event intelligence. EVNTL delivers news to its clients faster than any media organization in the world by an average of 25 minutes. We informed our clients about the recent (January 7th) Iranian missile strike on American bases in Iraq 27 minutes ahead of any news source.

It is important to understand the value of 25 minutes. My response to any company owner or financial security chief who does not believe that 25 minutes is a long time is “let us sit in silence for 25 minutes”. Minds will be lost. What could be accomplished in 25 minutes is also important and will be discussed shortly. 

EVNTL’s reporting covers a broad number of areas including terrorism, natural disasters, criminal information, traffic and more. EVNTL does not define these events. What EVNTL does is deploy a program that is based on AI algorithm, which uses Natural Language Processing (NLP) and the highest end technology available, to provide our clients information on a timely basis. Ensuring our information is accurate is equally important. Our AI and NLP are critical to ensuring the accuracy of our information.

As a former Assistant Director of Operations at the Canadian Security and Intelligence Services (CSIS), I know that inaccurate information arriving in a timely fashion could be extremely damaging, particularly if it results in an incorrect deployment of resources. Guaranteeing a prudent deployment of limited resources is a priority for a variety of institutions from intelligences services to banks or law firms.

Through our algorithm and technology, EVNTL accordingly developed an ability to verify the accuracy of the information acquired. Traditionally, news media has gone to print with two sources: a primary source and a corroborating source (unless the primary source is a high ranking individual like the Secretary of State). EVNTL maintains two key requirements designed to guarantee the accuracy of our information before disseminating it. 1) At least four different sources confirming the same event 2) Geolocating the area of the event in question.

During the Manchester Arena attack at the Ariana Grande concert in 2018, EVNTL’s reporting was again 27 minutes ahead of any other news source. We were informed of the event before the British police had even received the 999 call. Initially, only explosions were reported but their source was unknown. However, as a result of EVNTL’s service, some of our clients were able to avoid being in that area and move vehicles, people, financial instruments and other resources away.

Another example of EVNTL’s service can be seen during the van attack in Toronto during 2018. Throughout the attack, EVNTL was able to provide information to law enforcement through audio, video and still imagery of the horrific incident. This facilitated establishing a context, which was difficult to do since it was a moving crime scene.

In conclusion, EVNTL is far from a Cambridge Analytica type of organization. We adhere to all the rules and regulations that we are subject to. We abide by the law and the licensed agreements that we make with providers. Identifying the culprits behind events and their motives is the job of law enforcement or a security company. EVNTL does not perform that task. We provide you with the fastest breaking news and most accurate alerts in the world on your laptops, mobiles and operation centres everywhere.

Q: Can you describe the functions of EVNTL’s Critical Event Notification System (CENS) and provide some examples of its application and use of AI?

A: We have traditionally received our breaking information from the print and television news. In this automated information age, traditional news can no longer acquire and convey information as quickly as other sources, that, frankly, may also be less biased than a traditional news source. It is very difficult to find a news source in the world today that does not have a political perspective.

During the past four years, the problem of false news has also come to the fore. The most desirable type of information is that which is both timely and accurate because one can then quickly act off of that information. Timely + Accurate = Actionable.

When an event breaks today, a majority of people will share information about it on social media. Mechanisms like Twitter that limit character counts also lend themselves to factual, or at least non-analytical, pieces of information.

What CENS does, quicker than anybody else, is examine the accuracy of that social media information through the use of AI. AI can be used because structured data is not required

Often, writers of the world and organizations like the Associated Press would search for keywords in reference to an event. EVNTL searches for events, not keywords. The role of AI is critical in our ability to do so because AI can read and assess massive quantities of information. It is not searching for keywords. What does that mean?

Should a car run someone over on the street, one person may tweet “somebody run-over”. Another may opt for “hit and run” and another could be “victim bleeding on street”. All these words are referencing the same event. Current algorithms and the NLP contain such massive power that it becomes possible to read, understand and appreciate that all those words are referencing the same event. This was previously not possible. If that information is then corroborated by four sources, CENS will notify you. EVNTL can send alerts to every one of an organization’s employees if need be. We will send you that which applies only to you. If you are located in New York, you will not receive updates concerning Miami. Its immensely fast and immensely accurate.

CENS is currently being used by a whole range of clients because it protects people and resources.

Security companies are interested in EVNTL because if, for example, they use armoured cars to transport financial instruments, they then seek to avoid crime scenes, traffic, natural disasters and other obstructions to a clear and quick route. If a company’s international headquarters in New York does not know there has been an incident in Indonesia, even when people in Indonesia do, CENS allows you to receive that information. The further far a-field it is, the further we get ahead of it. You may not be tracking natural disasters in Peru from your operations centre in Manhattan. We are.

We also have financial institutions as clients who have provided us with the location of every one of their banking outlets around the world, of which there are hundreds. EVNTL can track, within a defined radius of each of those outlets, all those possible events previously mentioned. Operation centres then receive this information instantaneously so that they can direct their personnel to take the appropriate measures. Consider that security.

Another financial viewpoint is investing. What would happen to the price of copper if an earthquake occurs in a mining area in Chile tomorrow? Will copper be available in the same quantity tomorrow as today? CENS provides information that allows one to quickly take the appropriate measures to capitalize on and exploit opportunities.

Many companies have also been grateful of the health data tracked by EVNTL. This has not yet begun in Canada’s own political level medical expertise. Say a doctor sends your child home from school tomorrow with a variety of symptoms that the doctor was unable to diagnose and more children with similar symptoms start appearing. What is happening here, what are these symptoms? Believe it or not, the spread of influenza is far better tracked using social media, as opposed to the very formal and slow process of having a General Practitioner report information to the health department.

In Canada, the flu tends to travel from West to East, almost in the same patterns as our prevailing winds. What implications exist for the flu shot when certain influenza outbreaks occur on the West Coast of the USA and Canada? The flu shot is really designed to combat last year’s flu. Can one be more proactive and respond to health risks faster?

Last year, we saw the outbreak of other diseases in Latin America and the Caribbean that could possibly have affected the ability of a woman to bear children during her childbearing years. If a company sends an employee to those areas and that employee becomes affected and is consequently unable to bear children, the company in question could face a gargantuan lawsuit. What a company wants is to get ahead of such a story so that it does not send its employees to areas where their health is at risk. A good employer takes care of their most important resource and that is always their people.  

Finally, CENS also contains a human component that is a critical part of the system. The human represents the second last step prior to hitting “send”. It is always a human that finalizes the action, not a computer. Within 60 seconds, an EVNTL analyst examines the information under question and verifies it. It’s similar to a fail-safe or the second key in the missile silo. It is important to introduce this human element so that we do not rely completely on technology and social media when sending you information that will influence your decision making. EVNTL’s analytical staff comprises highly capable individuals trained to intelligence service standards. There really is nothing else like it anywhere else in the world and it’s a real boom for Canada.

Only a couple of companies in the world are direct competitors, but they are multi-billion dollar companies. They are Uber and we are Lyft. EVNTL is a smaller but very similar and much faster and more accurate service.

Q: EVNTL claims that its algorithm “ensures that the information comes from trusted sources, located in the geographic vicinity of the event in question”. In an age of disinformation and spin, how does EVNTL’s CENS distinguish, in a timely manner, between ‘real’ events and hoaxes like the Columbian Chemical Plant explosion in Louisiana that never was?

A: In business, success and failure are measured by the criterion used to define those terms. EVNTL has never produced a false lead. Ever. Therefore, it obviously works.

EVNTL also has a strong, powerful, well trained team. The team requires interaction among its members. Individual programmers are necessary but insufficient because only integrated programming will develop the AI and NLP and improve them constantly and consistently. I would argue we are the best in Canada and possibly the world in this particular area related to the AI and NLP employed by CENS. EVNTL also established a system to reassure our clients of the layers of due diligence present to ensure the quality of the product that we provide is the best.

Our NLP system is a critical part of EVNTL’s success rate. Machines are becoming smarter than people. These machines can be taught by constantly and repeatedly supplying them with massive quantities of information. Say you identify account user XY123 as a purveyor of false information. EVNTL will not only eliminate XY123 but anyone that is contact with XY123 as well. That is a failsafe. Even though some social media accounts are not purveyors of false information, it is safer not to use them. In my estimation, around 50 million social media accounts have currently been identified as purveyors of false information, or influence peddling. Those are automatically eliminated from our searches. The list of tainted accounted grows daily.

EVNTL’s analytical unit also examines how these tainted accounts are created, managed, utilized and deployed. The machine can then be taught to discover other accounts with similar characteristics. Even if a particular account has no history of being a purveyor of false information, it is still eliminated if it resembles an account that would do so. If they quack like a duck and walk like a duck…they are a duck.

Now does sustaining this level of accuracy potentially impact the timeliness of delivering this information? Strangely enough, no. If a delay existed, it would be measured by a tenth of a second as opposed to anything else. Personally, I would rather receive information 20 seconds later with the guarantee that it is completely accurate. Recall that a human is also present to verify whether information is sensible or not at the end. If we are notified of a hurricane in Saskatchewan, it will fail what is known in law as the Reasonable Man test and that information will consequently not be conveyed. Our human element permits us to always conduct a Reasonable Man test at the end.

Furthermore, if we ever encountered a hoax event, EVNTL’s system would convey that information to its analysts who would examine the modus operandi of people who engage in such activities. This allows us to become more familiar with a growing range of disinformation tactics by the adversary. As noted, the algorithm can then be taught to identify similar patterns. This sets our adversaries back because no adversary can constantly be changing their modus operandi.

Ultimately, we cannot feed false information or we have no value at all.

Q: Can private sector companies like EVNTL contribute to the integrity of Canada’s democracy by enhancing Canada’s ability to identify and respond to malicious disinformation campaigns? 

A: Let’s start with the public sector. The CSE (Communications Security Establishment) in Canada is very highly capable and competent at protecting the critical infrastructure that is the government. They are less capable of protecting Canada’s entire critical infrastructure, including the financial grid. This void must be filled by the private sector.

It has become evident in the past year alone that the number of cyber ransom attacks is growing exponentially. Nobody wants to announce that they were attacked. They would rather pay 20,000 dollars and regain what was lost. In such a scenario, the chances of an attacker returning is also high. If you own valuable materials and are insured, it is likely that the person who robs your house will return to do so again. Therefore, a system that protects one against the initial attack is much better because if an organization succumbs to a ransom fee then they had best build a system that will not be subject to ransom again.

No system is able to guarantee 100% protection, but you are still obligated to build one that is as flawless as possible. It is important to do the best possible since your adversary is constantly evolving and creating new and unfamiliar attack vectors. A system that can identify attacks similar to past ones and then shut the threat down is essential.

Banks today have made it more difficult for a perfectly legitimate e-mail to get through to them simply because they are protecting their critical infrastructure. I believe this trend will persist. State sponsored attacks on the Canadian private sector will certainly occur. States such as China use their government power and resources to support their industries and advance their opportunities. If a Chinese and Canadian company are both bidding on a contract in the Czech Republic and the Chinese are able to acquire information regarding the Canadian bottom line or anticipated offer, they will then simply beat it and acquire the contract. Or, they could disrupt the Canadian company through a denial of service (DDoS) attack. Cyber technology is the war weapon of the present and the future.

A lot of focus has recently been on Iran, particularly with the missile attacks in January. However, the Iranians have immense capabilities in the cyber realm as well. President Trump may express a desire for a détente, but that usually means that more complex, secretive and asymmetrical methods will be employed in response and cyber is probably included in that list.

EVNTL, however, is not a cyber protection company. That is not what we do. What we can do is provide advice to people on how to protect their assets through other training programs in which we collaborate with world-renowned experts.

Q: What are other potential applications of the ability of EVNTL’s AI and NLP?

We are currently examining other ways to employ our AI and NLP besides CENS. It might surprise some to know that we receive visitors at our offices who inquire whether they could utilize our AI and NLP for a wide variety of reasons and the answer is yes: you are only limited by your imagination.

In the legal world, for example, a very narrative based world, cases can be 500 pages long and summaries alone are longer than 20 pages. Our NLP and the continuous improvement of the product means it is able to absorb massive quantities of information and distill it according to your particular needs. We have already discussed the limitations of keyword searches. Performing a keyword search for all cases involving copyright may then omit cases that employ language such as patented or protected. Keyword searches do not work. Our NLP reads, understands and analyzes all the relevant information without being limited by keywords.

AI and NLP can also be applied in finance. An investment company that has numerous individuals examining over 20 terminals at their fingertips, from Bloomberg on down, cannot possibly rely on humans to read the significant quantities of information they are exposed to. Our technology makes that possible.

Q: As technology continues permeating various aspects of human existence, how do you see the future evolving for both EVNTL and the impact of AI’s development on security in general? 

A: AI is the present and the future and will be for a while. Without AI, you cannot compete in the 21st century. It is probably best not to fight the Wehrmacht by mounting horses with swords, which is what the immensely courageous Poles did. Ideally, one would possess the best technology and respond with their highest capabilities. AI is capable of protecting us, but other countries may concurrently learn and improve their cyber capabilities and inflict harm upon us using the same technology. I am also very proud to say that Canada is an international leader in AI and EVNTL does have the most talented AI team in this country.


Disclaimer: Any views or opinions expressed in articles are solely those of the authors and do not necessarily represent the views of the NATO Association of Canada.

About Touraj Riazi

A Canadian immigrant born in Kuwait, Touraj made Montréal his permanent home in 2012, where he obtained a B.A. in Political Science (2017) at Concordia. He is continuing his education by pursuing a M.A. at Sciences Po Paris and will graduate July 2020. Touraj presently serves the NAOC as a returning Policy Analyst and is responsible for the Cyber Security and Information Warfare program. He is the former Editor of the NATO’s International Arc of Crisis section and simultaneously served as a Project Manager and Event Coordinator. Touraj was also a Director at the Canadian Center for Strategic Studies (CCSS) where he concurrently served as one of the Editors in Chief. Previously, he was also a Project Manager for the Canadian Turkish Business Council. He can be contacted at touraj.riazi@natoassociation.ca