Courtesy photo

In today's digital landscape, the convergence of Information Technology (IT) and Operational Technology (OT) presents both opportunities and challenges for critical infrastructure asset owners and operators.

UTSI, a leading systems integrator of OT technology, has assembled an OT Cybersecurity Advisory Board to address these challenges and highlight standard processes and best practices to evaluate and secure these environments.

“We are excited about the strength of our esteemed Advisory Board and are confident that these strategic alliances will enhance our competitiveness,” says Shaun Six, president of UTSI International.

A few of the drivers of OT and IT convergence include increased efficiency, enhanced data, and improved remote monitoring and control capabilities. It exists to promote the promise of connectivity, data visualization, and to enable AI and better decision-making.

Key challenges
However, there are challenges. Increased attack surface, legacy systems, and infrastructure, as well as differing security requirements and regulatory and compliance challenges are all present.

“As we witnessed our global infrastructure recover from the largest outage on July 19, this is a clear and present example of how the application of technology between IT/OT can have an impact on the underlying interdependencies in critical systems and infrastructure," says Cherise Esperaza, co-founder and president of Security Gate. "Therefore, there is an ever-increasing need for resources to be expended for this endeavor, and understanding the areas of risk alongside business outcomes as it relates to the convergence will be a critical to ensuring optimal availability of these systems.”

Increased monitoring

When it comes to security monitoring and incident response, it's vital to incorporate new tools to monitor, meeting the same standards as legacy assets and reporting vulnerabilities.

"Continuous monitoring is one of the most critical aspects of securing your IT/OT infrastructure," offers Eric Rippetoe, former CISO of Federal Energy Regulatory Commission and UTSI cybersecurity consultant. "Automated tools coupled with mature processes allow organizations to rapidly detect security threats and enable teams to quickly respond to address issues. Having a security incident and not knowing about it could result in huge remediation costs and major long-term reputational damage."

Emerging technology and trends
With the rise of AI, it makes sense now more than ever to follow the principle of "never trust, always verify." A Zero Trust architecture is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction.

In line with this approach, UTSI International Corporation, as a Gold Partner of ThreatGEN, has been intensively utilizing ThreatGEN's AutoTableTop™ incident response tabletop exercise simulation tool. This advanced technology is helping UTSI provide meaningful tabletop exercises to their client base, particularly in high-risk SCADA and OT environments.

Clint Bodungen, president of ThreatGEN, emphasizes the tool's significance: "This tool is designed to sharpen incident response capabilities for teams operating in critical SCADA and OT environments. In these high-stakes settings, where system availability is paramount and the consequences of failure can be catastrophic, AutoTableTop™ provides an unparalleled platform for realistic, AI-driven tabletop exercises. It allows teams to practice and refine their responses to a wide range of scenarios, with practically zero planning time required, ensuring they're prepared for the unique challenges posed by industrial control systems where even a minor slip-up could have deadly consequences. This application of advanced simulation technology aligns with the industry's move towards more robust and realistic cybersecurity training, especially in sectors where the stakes are exceptionally high."

In conclusion
The convergence of IT and OT presents significant cybersecurity challenges for critical infrastructure. However, by understanding these challenges and implementing effective strategies, organizations can protect their essential systems from cyber threats.

“Maintaining an accurate inventory of assets poses a significant challenge for companies with control system networks," says Derek Harp, chairman, Control System Cyber Security Association International. "As outlined in our 2024 OT Cybersecurity Technology Report, not only is it difficult to identify these assets, but understanding their communication adds an additional layer of complexity. Typically, companies only gain a snapshot of their OT network status and assets' interactions during periodic assessments. Not surprisingly, our research also indicates that the frequency of these critical evaluations is increasing.”

The role of UTSI's OT Cybersecurity Advisory Board, along with the use of advanced tools like Security Gate and ThreatGEN, is pivotal in navigating this complex landscape. As the threat landscape continues to evolve, proactive measures and ongoing investment in cybersecurity will be crucial to safeguarding our most critical assets.

There are three topics in particular that business owners should refresh and/or make sure they include in their HR policies and employee handbook. Photo via Getty Images

3 things Houston companies need to freshen up when it comes to their HR practices

guest column

Just as we typically look to freshen up our homes this time of year, the same needs to be done for employee handbooks. Employee handbooks streamline HR operations, mitigate risks and set expectations to protect a business from negative workplace behavior by outlining employee policies and procedures.

There are three topics in particular that business owners should refresh and/or make sure they include in their HR policies and employee handbook: in-office attendance, social media and artificial intelligence (AI).

In-office attendance

When taking a closer look at hybrid workplace policies, the in-office attendance policies should align with your organizational goals. Whether you decide to implement hybrid work permanently or eventually return to being in the office completely, the return-to-office (RTO) policies should reflect those goals.

Clear expectations are especially important when defining office attendance rules. When attendance policies are set, employees respond best when they are fair, accessible and easily understood. Detailed policies outlining the nuances and consequences can help reduce noncompliance while supporting accountability.

Policies need consistent enforcement for them to be effective. Hybrid policies set prior to or during the pandemic may now be loosely enforced. The policies may state for employees to be in the office three days a week, but there may be no accountability for not meeting the mandate. Not enforcing attendance policies can give the impression that it is okay to violate other policies, too. Reviewing your policies allows you to course correct and write a policy reflecting your corporate culture and goals. You’ll then be able to reintroduce the attendance policy and enforce it across the board as intended.

Social media

You are hard pressed to find an employee without a social media account, whether it is TikTok or LinkedIn. If your business does not have a social media policy with guidelines surrounding employees’ online behaviors, now is the time to put one in place. If you do have a policy, social media changes quickly enough to warrant an annual review.

Social media policies should set boundaries between personal and professional use of social media. Employee activity on social media outside of work can influence business, as employees are often seen as reflecting the company. It is also important to note that social media policies should be based on input from senior management, HR, legal and IT, not just marketing.

The social media policy should delineate between an employee’s personal and professional use, establish a code of conduct and outline its use as part of crisis communications. Social media can just as easily elevate your brand, and you can potentially ask employees to share positive work experiences online.

Cybersecurity should also be addressed in social media policies. As it has become more common for hackers to infiltrate personal emails and social media accounts, policies can prohibit employees from storing company documents in their personal social media and email accounts for security purposes.

Artificial Intelligence (AI)

AI seems to be changing the way we do business daily. However, the policies surrounding company use of AI are lacking at many organizations. Research from McKinsey states only one in five employers have established policies governing their employees use of AI.

AI technology has already streamlined many business practices, but it can also present major risks. Inaccuracy can threaten your business if employees use generative AI for assistance in completing writing tasks, for instance, and the system may not generate accurate or original information.

As we learn the evolving and complex nuances of AI, creating a policy needs careful attention. You may consider developing an AI team to write a comprehensive, well-researched AI policy tailored to your organization. This working group should gather insights from leaders within the organization, including frontline managers, to fully understand how employees use, or might use, AI. This team should be charged with considering the ethical aspects of AI’s use and ensuring the policy aligns with company values.

One of the most critical elements of the policy is an accountability process or system. The policy should clearly outline any corrective action or disciplinary steps associated with using AI in a manner that harms the business and/or its clients. Just as important, the policy should outline how to use and how to avoid misusing AI. Since AI continues to evolve month to month, this is a policy that will require more attention and revisioning throughout the year.

Keeping a critical eye on HR policies is an important part of business success. Setting aside time to review, update and even create new policies now – before being faced with an issue – can potentially mitigate costly challenges down the road.

------

Karen Leal is performance specialist with Houston-based Insperity, a provider of human resources offering a suite of scalable HR solutions available in the marketplace.

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

Houston founders: How safe is your company's data?

guest column

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

This tiny “smart car” is a lot more powerful than you might think. Photo by Jon Burke/UH

University of Houston gets $2M to launch innovative transportation-focused cybersecurity center

traffic safety

The University of Houston is now leading a national consortium focused on cybersecurity in the transportation sector.

Known as the Transportation Cybersecurity Center for Advanced Research and Education, or CYBER-CARE, it's backed by a $2 million grant from U.S. Department of Transportation for its first year, with anticipated total federal funding of $10 million over five years, as part of the department's University Transportation Centers program that aims to address a number of topics in the field.

UH's center aims to "establish a fundamental knowledge base and explore advanced theories of how to best mitigate impacts of potential large-scale cyberattacks on transportation infrastructure," according to a release from the university. This includes protecting vehicle control systems, developing industry-wide best practices, responding to potential cyber incidents and introducing ways to recover quickly from cyber incidents in traffic networks.

CYBER-CARE is led by Yunpeng “Jack” Zhang, associate professor in the Department of Information Science Technology at the UH and director of the center.

"Our goal to make our intelligent transportation system (ITS) safer for all road users. That aligns well with the USDOT’s strategic goal of improving safety,” Zhang explained in a statement. “We also will promote interdisciplinary research and education across the transportation and cybersecurity domains.”

The center opened earlier this year within UH's Cullen College of Engineering’s Division of Technology. Houston and Texas colleges Rice University and Texas A&M University-Corpus Christi have joined the consortium with UH, along with Embry-Riddle Aeronautical University, University of Cincinnati and University of Hawai‘i at Mānoa.

The DOT's University Transportation Centers first launched in 1988 to conduct research. Support has ebbed and flowed over the years, but has seen some uptick recently. The Biden Administration's 2021 Bipartisan Infrastructure Law authorized 35 UTCs to receive a total of $90 million in funding from 2022 to 2026 to address issues like traffic congestion, safety, infrastructure durability and cybersecurity risks.

According to the DOT's website there are other Texas UTCs at University of Texas at Austin, University of Texas Arlington, Texas A&M University College Station, Prairie View A&M University and Texas State University.

Last year, Texas A&M also launched a new institute for research and education regarding cybersecurity. The Global Cyber Research Institute was funded by $10 million in gifts from former Texas A&M student Ray Rothrock, a venture capitalist and cybersecurity expert, and other donors.

Tap into these tips to make your company safer from cyber attacks. Photo via Getty Images

Houston expert: 5 tips for improving your company's cybersecurity

guest column

Imagine waking up tomorrow to find out that all of your critical information (trade secrets, financial data, customer lists, etc.) is gone. While working to find out what happened, you order lunch online, only to find out your bank account has no balance.

That scenario happens every day to business leaders just like you. Here are 5 tips everyone should know, which will help reduce cyber security risks.

Tip 1: Know what you need to protect

If you don’t know where your data is kept, how can you protect it?

From hardware like laptops and cell phones, to critical software including accounting and HR, spreadsheets used to calculate financial reports, OneDrive accounts, Google Drive, and “C” drives, there are numerous places your critical data could be kept. Work with your managers to identify every piece of hardware, software, and where the critical data is kept.

Tip 2: Turn on multi-factor authentication for everything you possibly can.

Whenever possible, someone should need a username, password, and a code from an authentication app, text code, e-mailed code, something that’s a unique identifier that randomly changes in order to access critical company information. Alternatively, you can rely on biometrics (fingerprints, facial recognition, etc.) as your third line of protection.

Tip 3: Know who has access to the data and implement basic user access rules.

Everyone should have their own username and unique password. Generic admin accounts, shared user accounts, etc. should never be allowed. If you’re only paying for five licenses but have 10 people accessing the software, stop being cheap and pay for more licenses.

Log in to your bank’s website (or go to a local branch) and run a report which lists who has access to the online banking system and what they can do within it. While you’re at it, get a report of everyone with signature rights for checks and make sure it’s properly updated.

Run a report of all users for each software you listed above which includes what level of access they have. Does their access match their job requirements? Remove all access that isn’t required for their job. You can add access back later if they need it. This can also help you identify employees who might have too many responsibilities.

Now go through the rest of the software, network folders, and the other items you listed above and do the same exercise. Going forward, whoever “owns” the data in each system (banking, accounting, HR, etc.) should approve all access to that data.

Tip 4: Back up that data — often

You most likely have a folder on your computer that has important information in it like Financial spreadsheets, HR files, customer data, and marketing plans. If you selected that folder and hit the delete key, then you opened the recycle bin on your desktop and the folder wasn’t there, how bad would your day be?

Now that you know the location of files, folders, software, and other important data points, turn on an auto-backup process and test that process about once a quarter. If you use something like Google Drive, Microsoft’s OneDrive, or similar cloud services, most will provide free backup support. However, before you do that, require all employees to move important files off of their “C” drive and into network folders.

Tip 5: Implement antivirus software

I’ll be the first to say that I hate antivirus software. Why? Because it typically slows down your computer while it runs in the background and flags items like the spreadsheet you use every month as a “potential threat”.

Even so, the aggravation is worth it in the long run.

There are tons of antivirus software options. If you think about protecting your home, you don’t need armed guards, attack dogs, and a feral cat. You do need someone to glance out the window to see who is at the door. If it’s a group of zombies trying to eat you, then you need to have the ability and resources to protect your home. Pick an antivirus software that matches your budget and get it in place. Don’t overthink it, just get it going.

One last bonus tip I’ll leave you with — have random test “phishing” emails sent out to everyone (including yourself) in your company. The number one cause of cyber security issues in businesses is internal users clicking on fake emails.

------

Thomas Mullinnix is the founder of Houston-based Re-Vision Management Consulting LLC.

A Houston founder explains why you should shift the way you think about cybersecurity from a cost to an investment in your business. Photo via Getty Images

Houston expert: Top three ways to make cybersecurity a business decision

guest column

For companies big or small, scaling your revenue securely is about building people, processes, and technology to help you deliver your value to market in the most efficient way possible. But shifting cybersecurity as a cost to an investment takes a shift in thinking.

Here are three tips to make cyber a business decision for your company.

Don’t fail at digital transformation. Whether you’re considering a digital “initiative” to stay ahead of competitors, reduce operational expenditure when possible, or simply drive efficiency to customer value delivery, transforming how you’re doing business should rest upon a foundation of security across your existing people, process, or technology. An effective cybersecurity program should drive confidence to your team to expand your tooling, processes, or delivery mechanisms with confidence. The alternate reality is you shift a working process to incorporate new technology, and something fails or breaks, causing frustration of your team and fewer dollars in the door. Here are a few tips that will help you make sound business investments in technology:

  1. New technology or system can introduce new cyber risks to your company. As a result, it is good practice to balance the value gained with the risks absorbed. Establishing a “new product” risk vs reward process will reduce ad hoc purchases and introduce more sound thinking to your team’s decisions.
  2. New technology purchases will come with vendor onboarding but beware of the challenges you face when those implementation or training hours run out. Ask for additional support hours as part of your purchase so that you’re always able to call a help desk for real support.

Secure design reduces long-term costs. Regardless of your business type, if some type of cyber-attack could affect your business outcome(s) — be it your product, the loss of sensitive customer data, theft of intellectual property, or disruption to service delivery — consider investments in your cyber program an investment towards the cost of future business operations.

For instance, manufacturers across virtually every sector continually balance “secure design” with efficiency/cost as they compete in the market. Their challenge: estimating future recalls and product “updates” to be paid for by future operational expenditure. The same can be applied to unforeseen downtime of a critical inventory, payment capture, or website system. In both cases, here are two tips to shift cyber from a “security cost” to a “business” mindset:

  1. Work with your security vendors to develop a long-term strategy rather than quoting an “install and leave” project. Security vendors are businesses too. They will respond positively if you tell them you will offer longevity in return for payment over time. 
  2. Amortize your costs this year into next year's costs of goods. If you can negotiate monthly or quarterly payments with your security vendors, adding 30-60 days of net pay dates, you’re already starting to shift security improvements realized tomorrow to costs you pay next quarter.

Your customers want you to have a great cyber program. Especially in regulated spaces like healthcare, defense, and other critical infrastructure sectors, there is a high chance your company’s cyber program must meet minimal cyber guidelines. Investing in the training, processes, and technology required to achieve some element of “compliance” is a must-have investment for doing business with big companies.

A mistake small companies make is allocating the minimal resources “reach the bar” without thinking about the risks. Employee turnover, scaling your business in new regions, and increasing purchase order sizes all carry a potential “new bar” you must reach on your cyber maturity. Building a cyber program initiative may help you increase sales. Imagine you say this in your next prospect meeting as you aim to win that big contract, “Additionally, we reviewed your cybersecurity supplier requirements online and are pleased to say we have certified documentation showcasing an evolving, continually improving cyber program that exceeds your requirements. We feel that adds to our differentiation.”

------

Ted Gutierrez is the CEO and co-founder of SecurityGate, a SaaS platform for OT cyber improvement.

Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Founder bets on Houston to grow innovative corrosion detection technology

HOUSTON INNOVATORS PODCAST EPISODE 265

Despite having success in taking his technology from lab to commercialization, Anwar Sadek made the strategic decision to move his company, Corrolytics, from where it was founded in Ohio to Houston.

"Houston is the energy capital of the world. For the technology we are developing, it is the most strategic move for us to be in this ecosystem and in this city where all the energy companies are, where all the investors in the energy space are — and things are moving really fast in Houston in terms of energy transition and developing the current infrastructure," Sadek, co-founder and CEO of Corrolytics, says on the Houston Innovators Podcast.

And as big as a move as it was, it was worth it, Sadek says.

"It's been only a year that we've been here, but we've made the most developments, the most outreach to clients in this one last year."



The technology Sadek and his team have created is a tool to detect microbial corrosion — a major problem for industrial businesses, especially within the energy sector. Sadek describes the product as being similar to a testing hit a patient would use at home or in a clinic setting to decipher their current ailments.

Users of the Corrolytics test kit can input their pipeline sample in the field and receive results via Corrolytics software platform.

"This technology, most importantly, is noninvasive. It does not have to be installed into any pipelines or assets that the company currently has," Sadek explains. "To actually use it, you don't have to introduce new techniques or new processes in the current operations. It's a stand-alone, portable device."

Corrolytics approach is to help revolutionize and digitize microbial corrosion detection — both to improves efficiency and operational cost for industrial companies, but also to move the needle on a cleaner future for the energy industry.

"We are having an energy transition — that is a given. As we are bringing new energy, there will be growth of infrastructure to them. Every single path for the energy transition, corrosion will play a primary role as well," Sadek says.

Corrolytics hopes to work with new energies from the beginning to used the data they've collected to prevent corrosion in new facilities. However, the company's technology is already making an impact.

"Every year, there is about 1.2 gigaton of carbon footprint a year that is released into the environment that is associated with replacing corroded steel in general industries," Sadek says. "With Corrolytics, (industrial companies) have the ability to extend the life of their current infrastructure."

Sadek says his move to Houston has already paid off, and he cites one of the company's big wins was at the 2024 Houston Innovation Awards, where Corrolytics won two awards.

UH researchers secure $3.3M for AI-powered subsurface sensing system to revolutionize underground power lines

going under

Researchers from the University of Houston — along with a Hawaiian company — have received $3.3 million in funding to explore artificial intelligence-backed subsurface sensing system for safe and efficient underground power line installation.

Houston's power lines are above ground, but studies show underground power is more reliable. Installing underground power lines is costly and disruptive, but the U.S. Department of Energy, in an effort to find a solution, has put $34 million into its new GOPHURRS program, which stands for Grid Overhaul with Proactive, High-speed Undergrounding for Reliability, Resilience, and Security. The funding has been distributed across 12 projects in 11 states.

“Modernizing our nation’s power grid is essential to building a clean energy future that lowers energy costs for working Americans and strengthens our national security,” U.S. Secretary of Energy Jennifer M. Granholm says in a DOE press release.

UH and Hawaii-based Oceanit are behind one of the funded projects, entitled “Artificial Intelligence and Unmanned Aerial Vehicle Real-Time Advanced Look-Ahead Subsurface Sensor.”

The researchers are looking a developing a subsurface sensing system for underground power line installation, potentially using machine learning, electromagnetic resistivity well logging, and drone technology to predict and sense obstacles to installation.

Jiefu Chen, associate professor of electrical and computer engineering at UH, is a key collaborator on the project, focused on electromagnetic antennas installed on UAV and HDD drilling string. He's working with Yueqin Huang, assistant professor of information science technology, who leads the geophysical signal processing and Xuqing Wu, associate professor of computer information systems, responsible for integrating machine learning.

“Advanced subsurface sensing and characterization technologies are essential for the undergrounding of power lines,” says Chen in the release. “This initiative can enhance the grid's resilience against natural hazards such as wildfires and hurricanes.”

“If proven successful, our proposed look-ahead subsurface sensing system could significantly reduce the costs of horizontal directional drilling for installing underground utilities,” Chen continues. “Promoting HDD offers environmental advantages over traditional trenching methods and enhances the power grid’s resilience.”

------

This article originally ran on EnergyCapital.

Houston AI data firm partners on Alzheimer’s clinical trial

now testing

Houston data science firm OmniScience announced this month that it has partnered with Florida-based INmune Bio (NASDAQ: INMB) on a global Phase 2 Alzheimer’s disease clinical trial.

The trial, known as ADO2, will utilize OmniScience's recently developed product, Vivo, which uses generative AI to centralize and analyze clinical trial data in real time, according to a release. The two companies also partnered during Vivo’s development and recent roll-out.

"OmniScience and INmune Bio share a vision to transform how clinical trial teams engage with data – transforming data into knowledge in real time and informing decisions that increase the probability of success,” Angela Holmes, CEO of OmniScience, says in a statement. “As our partnership moves forward, we’re gaining further insights from the INmune team that we can integrate into Vivo’s roadmap. We look forward to our continued mutual success.”

The ADO2 trial will investigate INmune Bio's clinical-stage biotechnology XPro in patients with mild cognitive impairment or Alzheimer’s disease with brain inflammation, according to its website. Its products are focused on "restoring function in the body's innate immune system to fight disease."

The trial is overenrolled with 208 patients diagnosed with mild Alzheimer’s disease or mild cognitive impairment. The top-line results are expected to be released in Q2 2025.

"A global trial of this size is vast, and Vivo will be critical in our ability to analyze cognitive results,” Tara Lehner, INmune Bio’s vice president of clinical operations, says in the statement. “With genAI provided by Vivo, we can amplify our clinical teams’ capabilities, turning complex data into actionable insights at unprecedented speed, which means we can get answers—and treatments—to patients faster.”

INmune will be able to use OmniScience's Vivo product to unify data from electronic data capture, clinical trial management systems, patient-reported outcomes, clinical outcome assessments, labs, wearables, safety databases and more, according to the statement. The product has been shown to improve data quality and visualizations and reduce the reliance on spreadsheet-based data analysis during clinical trials.

Omniscience was originally founded in 2017, then known as Mercury Data Science. It rebranded and changed its name earlier this year. Holmes was named CEO in 2022.

Omniscience's Vivo product recently won first place in the CNS Summit 2024 Innovation Showcase in Boston and the Blue Whale Ribbon at the inaugural Whale Tank pitch competition during the 2024 Innovation Network Gathering (ING) in West Chester, Pennsylvania.