Outside Looking In, Fortifying End-to-End CybersecurityBy Cinthya Alaniz Salazar | Tue, 08/02/2022 - 09:48
Q: What are the differentiating characteristics of Darktrace’s DETECT technology?
A: Cybersecurity has always been a constant cat and mouse game where the attackers are very agile and creative, so defenders must block every single attack or spot it before it does damage. Companies have understood how to detect attacks but often lack the necessary human teams to defend against them. Darktrace’s technology takes a machine learning approach to understand behavior across an entire digital ecosystem and identify what is normal just by looking at traffic patterns, network connections or device interactions. From this information, Darktrace can observe the baseline of normal behavior.
Q: How do you see the future of this model?
A: The entire industry is embracing automation, human augmentation, machine learning and AI because attackers also rely on automated techniques at scale. Machine learning and AI allow attackers to spread their attacks rapidly and evade traditional detection methods. Cyber attackers will get smarter, which is why traditional approaches and solutions will simply not be able to stop or detect them in the first place.
The industry also lacks trained cybersecurity professionals. Depending on the statistical source, the sector has anywhere from 1.5 million to 3 million unfilled positions worldwide. That number is only going to increase. Over the last two years, we have seen a massive shift mainly accelerated by the COVID-19 pandemic. We are facing the issue of a largely remote workforce with more connected devices that are no longer protected by the traditional corporate firewall.
Q: What makes Darktrace vital to a company’s cybersecurity?
A: Darktrace has evolved over the last nearly 10 years to understand which anomalies represent a threat and have the potential to cause a lot of damage. We introduced an autonomous response technology, Darktrace’s RESPOND, to use AI to augment the response of human teams to these threats, creating a new paradigm in cybersecurity. The industry usually relies on rules and signatures or the traditional antivirus approach, in which humans look at logs days after the event. Darktrace automates the detection of those events, offering a response in seconds instead of days. The system takes all the breadcrumbs of individual alerts and creates a comprehensive narrative of the incident.
These methods operate similarly to a human being. They make observations and give the data to an AI, which can analyze whether there is an incident and create hypotheses that make sense to a human. The autonomous response is designed to allow human teams to identify threats and choose a response method. Darktrace’s AI makes the micro-decisions to empower human teams to make the macro-decisions that require human context and business knowledge. Darktrace’s AI is Explainable, meaning it is easily digested in a complete report so that humans can understand why the AI makes the decisions it does.
Q: What new services and products does the acquisition of CyberSprint bring to the table?
A: Following the acquisition, we integrated Cyber Sprint products into the rest of the Darktrace portfolio, including email and enterprise cybersecurity services and many other end-to-end solutions. CyberSprint’s attack surface management technology helped us increase our knowledge of your external attack surface and is a perfect complement for our internal analysis called End-to-End.
Q: How does Darktrace use its technology to gain an inside and outside perspective of the attacks that its customers face?
A: Darktrace’s new PREVENT technology allows organizations to understand their vulnerabilities both externally and internally. The data gives us a fast overview of the potential attack, its origin and threat actors’ likely target, such as an IT database or customer data. It also tells us if a system is not patched often, if its cybersecurity software is outdated or if the user has an old application. This creates a picture of the critical paths that should be blocked or the areas in which to prioritize adding visibility. It also identifies areas that represent vulnerable access points because they have not been patched – helping teams harden those areas proactively.
Q: What are Darktrace’s market capture priorities in Mexico’s emerging digital-first economy?
A: We have seen a massive shift in recent years, especially since the COVID-19 pandemic. Mexico is also facing the implementation of 5G, which will strengthen Industry 4.0 but lead to an increase in cybersecurity attacks. In the past two years, we have seen a 50 percent increase in high alert threats against private businesses and a 140 percent increase in attacks against government institutions.
Q: What is Darktrace’s strategy to target the mostly price-driven SME market?
A: SMEs rely heavily on cloud-based services to be agile enough to compete with larger businesses. During the past two years, Darktrace has implemented multiple products to better support small teams. The Cyber AI Analyst, for example, helps smaller companies deal with most of the thousands of alerts they receive daily, easing the time to identify a solution by 90 percent. We’ve also been well-known for our proof-of-value trial period. We allow potential clients a free trial of the product, and if they love it, they become customers. This is facilitated by the introduction of the Darktrace remote workforce coverage offered by our own endpoint sensors, which allow us to monitor the activity on all the devices that are doing remote work.
Q: As CTO of Americas, how have you influenced Darktrace’s brand strategy development or the incorporation of emerging technologies?
A: Big data can be useful to solve complex problems that are getting larger and harder for humans to analyze. My priority as Americas’ CTO is ensuring that our business roadmap incorporates feedback from our customers and third-party partners. We are being proactive in gaining our partners’ trust and introducing our technology called Heal – which is expected to be available in 2023. HEAL is the final part of our Cyber AI Loop – a continuously improving feedback cycle that feeds each of our technologies into the other.
Q: What is Darktrace’s desired impact on Mexico’s digital ecosystem?
A: Our objective is to continue growing and introduce Darktrace to the entire region. We also have launched our newest product family called PREVENT, which empowers small businesses to reduce the needed human resources to defend against cyber-attacks in Mexico successfully.
Darktrace is a global leader in cyber security AI on a mission to free the world from cyber disruption. Its Self-Learning AI technology protects over 7,400 customers worldwide from advanced cyber-threats, including ransomware, cloud, and SaaS attacks.