
Is AI Truly Helpful in Cybersecurity Defense? One Company’s Story

DarkTrace is an innovative cybersecurity company that was created in 2013 to satisfy the need for a better, more reliable and more actionable cybersecurity defense. While my company at the time was named Darktrace’s first USA integration partner, they are not now, nor have they ever been, a client or sponsor of

The company was founded 10 years ago by government cyber intelligence officials, experts in the field, mathematicians, and one brilliant market strategist named Nicole Eagan, their Chief Strategy Officer and AI Officer.

Nicole and a largely female-dominated crew have focused on building a comprehensive software suite that applies the principles and capabilities of artificial intelligence (AI) to cybersecurity, long before ChatGPT democratized AI for the rest of us dummies.

Today, DarkTrace has proven itself a leader, high in the cybersecurity ranks, amassing more than $500 million in total contract values and helping companies avoid the risks of disruption through AI-guided systems, and for good reason. As explained by Gil Press via Forbes, the introduction of AI in cybersecurity is nothing short of astonishing, helping people be 20x more effective in cybersecurity defense than they are with outdated, traditional systems.

Yet, most folks don’t understand what a cyber AI platform really is and how it lowers cyber vulnerabilities.

A Cyber AI Platform.

A cyber AI platform refers to the embedded AI within a software product that works around the clock to identify, isolate and address potential vulnerabilities. While traditional systems relied on the notification and detection of anomalies based on firewall penetration, the cyber AI platform relies on historic and real-time data to make informed decisions about what is actually happening and how to best resolve the matter.

For example, DarkTrace uses AI and machine learning to continuously identify threats, alert cybersecurity team members and business staff, and halt the attack. Leveraging AI, DarkTrace uncovers rare and previously unseen patterns in information, amid the noise of everyday activity across an organization’s digital systems. By detecting subtle deviations from the organization’s pattern of life, it can distinguish friend from foe – and highlight true cyber threats or attacks that would otherwise go unnoticed.

For example, a data backup might not seem nefarious, but what if the upload contains 73% more data than usual? It could just be a busy day, or someone could be exfiltrating your data to a destination outside of your company.

AI recognizes this deviation and intervenes, severing the connection to the company server for a given time. In addition, other DarkTrace product modules step in, reviewing the data, helping cybersecurity team members understand what happened and how to best prevent it in the future.

Darktrace AI begins by learning from previous attack data and uses machine learning to evolve and find new threats. That ability is why newer security technologies use similar techniques to identify irregularities: at this point, it’s just not possible to block all nefarious threats, and they WILL eventually get through.

Darktrace recognizes when these activities originate from or communicate with a known threat server. If the communication is completely rare, meaning the device in question has never communicated with a given server, the AI further analyzes the interaction to determine the validity of the threat and intervene. Even with the best-laid plans, internal threats may still arise, and hackers are always evolving. Thus, companies know the best solution lies in leveraging the cohesive experience and capabilities of an advanced AI.
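The two signals described above, upload volume measured against a device's own baseline and first contact with a destination, can be sketched in a few lines. This is an added illustration, not Darktrace's algorithm; the device name, destinations, thresholds and traffic records are constructed assumptions.

```python
from statistics import median

# Constructed sample: (day, device, destination, MB uploaded). Not real traffic.
FLOWS = [
    (1, "backup-01", "backup.corp.example", 100),
    (2, "backup-01", "backup.corp.example", 98),
    (3, "backup-01", "backup.corp.example", 103),
    (4, "backup-01", "backup.corp.example", 101),
    (5, "backup-01", "backup.corp.example", 99),
    (6, "backup-01", "backup.corp.example", 102),
    (7, "backup-01", "backup.corp.example", 100),
    (8, "backup-01", "backup.corp.example", 173),   # 73% above the usual 100 MB
    (9, "backup-01", "203.0.113.50", 101),          # normal size, new destination
    (10, "backup-01", "backup.corp.example", 100),  # back to normal
]

def robust_z(history, value):
    """Modified z-score (median/MAD), so one earlier spike does not skew the baseline."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    if mad == 0:
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad

def score_flows(flows, z_threshold=3.5, min_history=5):
    """Return (day, device, destination, reasons) for flows that break the baseline."""
    volumes, seen, alerts = {}, {}, []
    for day, device, dest, mb in flows:
        hist = volumes.setdefault(device, [])
        dests = seen.setdefault(device, set())
        reasons = []
        if len(hist) >= min_history:          # stay silent while still learning
            if robust_z(hist, mb) > z_threshold:
                pct = round(100 * (mb / median(hist) - 1))
                reasons.append(f"volume +{pct}% over baseline")
            if dest not in dests:
                reasons.append("first contact with destination")
        if reasons:
            alerts.append((day, device, dest, reasons))
        hist.append(mb)                       # baseline keeps learning after scoring
        dests.add(dest)
    return alerts

if __name__ == "__main__":
    for alert in score_flows(FLOWS):
        print(alert)
```

A busy day and an exfiltration attempt both trip the volume rule, which is why the reasons are reported separately for an analyst to weigh rather than collapsed into one verdict.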

What is Darktrace, Really?

This post reads like a commercial for Darktrace, but it is not. I happen to know the product well and you should think of it as a proxy for all of the advanced AI-driven infection prevention and control systems available to purchase today.

Having said that, Darktrace is much more than a simple software vendor. It has created unique, innovative solutions to help organizations achieve stronger cybersecurity and prevent the spread of threats by leveraging key elements that form a strong cyber AI platform.

The Enterprise Immune System was the (brilliant) product name given to the full-scale cyber AI platform, unifying real-time threat detection, visualization of activities and interventions, investigation capabilities, machine learning, and self-optimizing controls.

Their Autonomous Response leverages the full Enterprise Immune System across the network through Antigena, an autonomous response that calculates the best action to take at the time to both mitigate the “infection” and prevent its distribution through the network. Meanwhile, cloud-security measures and a complete lineup of threat landscape deployments further optimize security and provide real-time monitoring and intervention if something goes awry.

The cyber AI analyst combines the experiences of human analysts with AI to promote faster and larger responses. In a sense, it derives from machine learning, built on the data from thousands of deployments. By understanding how people investigate data incidents, the system grows more adaptive, capable of giving users access to the most relevant and needed data upon accessing the system.

Threat Visualization

Threat visualization is another aspect of the cyber AI platform. It includes an interactive, intuitive graphic interface that turns the idea of computer-server connections into a color-coded source for investigating and understanding past incidents, current, real-time threats, active deployments, and other network activity.

What Are The Top Threat Landscape Use Cases Of The AI Cybersecurity Platform?

  • Email security, putting the power of AI across a user’s various accounts and recognizing when anomalies arise.
  • Cloud security, deploying DarkTrace Antigena within various SaaS services a company uses to operate, regardless of whether the threat derives from internal or external sources. With Cloud becoming a large part of many organizations, simply protecting at the network level will no longer suffice.
  • IoT-enabled devices, which are growing in number and scale, but also growing in terms of vulnerability. If an unprotected device is suddenly added to a network, the system can connect to and learn the behaviors of IoT-connected devices as well. It can also detect if this device is like others and doing something it shouldn’t be.
  • Ransomware prevention, where DarkTrace minimizes the risk of someone holding your data and systems hostage by detecting and shutting down pathways before code finishes uploading to lock files from access.

Why AI-Guided Cybersecurity Strategies Are a Strong Partner in the Cyber Battle

Cybersecurity threats will never end. Hackers and insiders remain on the hunt for your vulnerabilities, and once found, they will exploit every bit of data from your company, business partners, and customers.

We keep giving them that opportunity, but we must stop.

While older cybersecurity initiatives and software worked for the threats at one time, a newer breed of solutions has evolved that can actively combat threats and protect your data and assets. Instead of relying on human-only measures to identify and intervene, your operation needs a faster, more agile solution.

An AI-guided cybersecurity system recognizes, quarantines, and autonomously responds to stop infections or threats before they spread. DarkTrace was created and based on the most complex security system in history—the human immune system.

Like your body, the DarkTrace cyber AI platform runs intuitively in the background, stopping threats before they spread, and when detected, symptoms become evident within the chain of data to help your team understand what happened and how to prevent it from recurring. In a sense, DarkTrace is like the most advanced medical practitioner on the planet for your data networks.

By considering your uniqueness in every facet, it can devise the best path to avoid illness and prevent disruptions from cybersecurity vulnerabilities, arming your enterprise immune system with a lightning-fast AI.

The point is, whether it is Darktrace or a competitor, it is time for you to make a decision on an advanced, AI-driven software infection control system and act on it. It is already too late.


Steve King

Managing Director, CyberEd

King, an experienced cybersecurity professional, has served in senior leadership roles in technology development for the past 20 years. He has founded nine startups, including Endymion Systems and seeCommerce. He has held leadership roles in marketing and product development, operating as CEO, CTO and CISO for several startups, including Netswitch Technology Management. He also served as CIO for Memorex and was the co-founder of the Cambridge Systems Group.

