Thank you for Subscribing to Apac CIO Outlook Weekly Brief
Cybersecurity has never been more complicated; today, attacks continue to grow in both number and sophistication, bad actors continue to expand, and digital transformation and new technologies are exposing organizations to new vulnerabilities. In such a scenario, defending an organization and its digital assets with the traditional method of building ‘firewalls,’ is proving to be inadequate. What businesses need is a ‘human immune system’ like approach to cybersecurity. Similar to the manner in which the immune system responds to an infection by identifying and containing the infectious germs, an organization’s cyber defense should be proactive enough to identify threats before they can cause catastrophic damage. And, that is precisely what San Francisco-based cybersecurity firm, Darktrace, is able to bring to the table. The company has pioneered an ‘enterprise immune system’ technology to detect and fight cyber-threats in real-time. That being said, an aspect that truly makes the technology unparalleled is it rejects the one-size-fits-all, outcome-focused approach of traditional security programs, and instead, uses a unique combination of advanced mathematics and highly-developed ML algorithms to understand every nuance of the host network. “Our technology provides immune system-like visibility into the internal workings of an enterprise’s digital network and enables the cyber defense systems to differentiate between what is inherent to the host and what an abnormal activity carried out by a disguised invader looks like,” says Nicole Eagan, CEO of Darktrace.
"Darktrace antigena represents the first automated, self-defending system that allows the enterprise immune system to take direct action against specific threats—without disrupting an organization"
Established in 2013 by a team of mathematicians from the University of Cambridge and government cyber intelligence experts, Darktrace empowers organizations to defend their systems against the most sophisticated cyber threats. Today, with over 900 employees, Darktrace is recognized as one of the world’s leading AI company for cybersecurity and serves some of the most forwarding-looking firms across various industry verticals including finance, manufacturing, healthcare, energy and utilities, retail, education, and government.
Out-of-the-Box AI Cyber Defense Solution
The introduction of Darktrace’s Enterprise Immune System, which mirrors the human immune system, has brought about a fundamental shift in the way organizations defend themselves, amid a new era of sophisticated and pervasive cyber-threats. Unlike traditional cybersecurity solutions, instead of relying on knowledge of past threats, Darktrace’s Enterprise Immune System independently classifies data and detects compelling patterns.
Our solution combines real-time threat detection, network visualization, and advanced investigation capabilities in a single unified system that is fast and easy to install
To this day, the Enterprise Immune System has identified around 53,000 serious, in-progress threats including ransomware, insider attacks, cloud-based threats, and state-sponsored espionage across its 4,000 deployments—which were missed by traditional defenses. In an instance, a small charity was able to successfully identify and stop an in-progress cyber attack that originated due to a socially engineered email from a legitimate supplier. Within minutes of installing Darktrace’s AI solution, the infected computer was quarantined and taken offline, thereby preventing catastrophic damage. Legacy tools relying on previous knowledge of threats would not have been able to detect such behavioral abnormalities,” notes Eagan. Capabilities like these are what make Darktrace’s Enterprise Immune System one of the most effective and proven solutions to detect unprecedented threats and anomalous cyber incidents. Today, leading companies including Penguin Random House, Trek Bicycles, YMCA LA, Pacific Dental Services, Gallagher-Kaiser Corporation, Irwin Mitchell, and the City of Las Vegas are all a part of Darktrace’s clientele.
A Digital Antibody
In addition to the AI cyber defense solution, Darktrace also provides an autonomous response technology, Darktrace Antigena that takes action against in-progress cyber-threats, limiting damage and stopping their spread in real time. The solution, which was recently launched, works like a digital antibody, intelligently generating measured and proportionate responses every time an incident arises, without impacting normal business operations. Darktrace Antigena is currently offered in two modules: Antigena Network, which takes action in the network and the cloud, and Antigena Email, which delivers preemptive protection against email-borne attack campaigns.
Each time Darktrace’s Enterprise Immune System identifies a dangerous or highly anomalous activity, Darktrace Antigena is triggered, and it generates a response to that activity in real time. Depending on the severity, Antigena responds to the attack in three ways: It either slows down or completely cuts off the connection that is identified as the route of attack; quarantines the related users, systems, and devices; or marks specific content for further investigation.
That being said, to allow C-level executives and threat analysts to get better visibility into their organization’s entire network and the threat level it faces at any given time, the firm recently came up with a unique interface known as the Darktrace Threat Visualizer. Leveraging Darktrace’s ‘immune system’ technology and cutting-edge visualization techniques, the Threat Visualizer lets users see what is happening in their enterprise globally, by visually representing all network activity and connections, both external and internal. The Threat Visualizer also alerts analysts about significant incidents within their environment automatically, enabling them to proactively investigate and neutralize the attacks in specific areas of the infrastructure, including cloud, IoT, and internet connection sharing.
Over the years, using its cutting-edge cyber defense solutions, Darktrace has helped several leading businesses across different industry verticals mitigate their security challenges. An instance that highlights the company’s unique value proposition in the cybersecurity landscape is their success story with a casino that was hacked through its digital fish tank. The large fish tank had an IoT-connected thermostat to measure the water temperature. Attackers broke in through this thermostat, got access to the casino’s high-roller database, and stole critical data. However, by implementing Darktrace’s AI cyber defense technology, the casino was able to spot the unusual behavior and stop the attack immediately.
Innovation on the Horizon
Successes like these are what propel Darktrace forward. Since its inception, the company has experienced rapid growth, reporting a 500 percent rise in year-on-year sales with revenue growth of 450 percent. Today the company has a total of 40 offices across North America, Europe, Asia, Middle East, Africa, and Latin America. The firm has also won a range of awards including being named the ‘Cool Vendor 2015′ by Gartner, ‘Most Innovative Tech Company of the Year 2017’ by The American Business Awards, ‘Best Cloud Security Product 2018’ by Stratus Awards, and recognized as the ‘Best AI Cyber Security Product 2019’ by the National Cyber Awards.
Talking about the future, Eagan says, “We are now in the midst of a cyber arms race. The battlefield is going to be inside of every company’s network, and we are going to see a war against algorithms.” In light of this, Darktrace intends to come up with new autonomous AI security offerings. “The artificial intelligence market is ripe for massive growth over the next decade. Autonomous response is going to be the only way forward when it comes to fighting AI attacks,” states Eagan. With a steep growth rate and a global presence, Darktrace is all set to revolutionize the cybersecurity landscape with its unique AI solutions.
June 26, 2019
Darktrace Delivers Real-Time Cyber AI with Amazon VPC Traffic Mirroring
Darktrace, the world’s leading cyber AI company, today announced its agentless integration with Amazon Virtual Private Cloud (VPC) Traffic Mirroring, launched today at AWS re:Inforce. With VPC Traffic Mirroring, Darktrace Cloud customers can benefit from real-time threat detection and autonomous response across AWS, without relying on agents, sensors, or logs.
Cyber AI learns the unique real-time ‘pattern of life’ for every container, user, and asset, regardless of configuration, as it observes traffic activity. As a self-learning system, it is constantly learning from what it sees, giving it the ability to detect and respond to novel, emerging threats across AWS. Unique cyber-threats identified by Darktrace AI include critical cloud misconfigurations, attempted data theft by malicious insiders, and unencrypted intellectual property in the cloud.
Over 600 Darktrace Cloud customers use cyber AI to protect their cloud infrastructure and workloads from subtle insider threats, advanced criminals and other sophisticated adversaries. Darktrace’s cyber AI defends diverse data environments, including multi-cloud, hybrid networks, and multi-account AWS environments, consistently identifying emerging threats that traditional or native security tools miss.
“In an era of machine-speed attacks and flexible cloud environments, Darktrace’s ability to detect and autonomously respond to cloud-based threats as they emerge has never been more essential,” commented Eloy Avila, CTO, Americas, Darktrace. “Today’s launch of Amazon VPC Traffic Mirroring transforms how businesses secure the cloud, enhancing visibility, enabling agentless deployments, and detecting threats across multi-account AWS environments. This changes the game for cloud security.”