Customer Story
Network
Cyber AI Analyst

NCG

NCG has transformed its cyber defenses with Darktrace’s AI-driven visibility and autonomous response, cutting investigation times from weeks to minutes, reducing analyst stress, and strengthening security across seven colleges.
20,940
AI investigations conducted autonomously in a single month
97%
of all potential incidents resolved autonomously in a single month
15,835
analyst investigation hours saved over a 24-day period
Play video
About the company

NCG is one of the UK’s leading providers of education, training and employability. It has a clear mission to enable social mobility and economic prosperity through exceptional edu

Industry
Education
Employee #
1000-5000
Country
EMEA
Read the full story of how Darktrace helped this customer
Download case study now

The challenge: A fragmented environment in a rising threat landscape

After years of mergers and inherited infrastructure, NCG’s IT environment had become highly complex. By 2022, the organisation was supporting 16 separate domains, multiple legacy platforms, and inconsistent security maturity across campuses — all with one dedicated security lead.

Visibility gaps across identity, network activity, cloud usage, and third‑party access meant investigations into potential threats could take weeks, placing enormous pressure on a lean team. At the same time, increasing regulatory demands — including Cyber Essentials, NIST alignment, ISO frameworks, and insurer requirements — raised the stakes.

"We had a number of gaps — identity, content, disaster recovery, business continuity, resilience — all of it." - Chris Weeks, Director of IDS

With digital services underpinning teaching, learning, and operations, any outage or compromise could directly affect students’ futures.

Why Darktrace: An AI‑powered foundation for visibility and trust

NCG evaluated multiple security solutions but ultimately selected the Darktrace ActiveAI Security Platform™ for its autonomous capabilities.

“With our staffing resource, we needed a solution with autonomy. Darktrace was leaps ahead of everything else when it came to AI.” - Chris Weeks, Director of IDS

During an extended proof of value, Darktrace immediately unified visibility across campuses, users, and systems — surfacing threats NCG had never seen before, including suspicious login behavior, malicious downloads, firewall bypass attempts, and compromised external accounts.

What once took days or weeks to investigate was now analyzed in seconds by Darktrace’s AI, complete with natural‑language reports.

Deployment experience: Seamless implementation with zero disruption

Darktrace was deployed without interrupting learning or operations. No accounts were disabled, no learners were blocked, and no complaints were raised.

The success of the rollout established trust quickly — not only within IT, but across the wider organisation.

“The deployment was seamless. No blocked learners, no disabled accounts, no complaints. It just worked and it made us look brilliant.” - Chris Weeks, Director of Information and Data Services, NCG

Result: Clear outcomes, less noise

Darktrace’s autonomous investigation and response dramatically reduced manual workload for NCG’s lean security team.

What once took weeks now takes minutes or seconds, with analysts receiving clear, prioritized guidance only when human input is required.

Darktrace also stopped phishing, impersonation, and supplier‑account attacks before they reached users, while providing visibility into student‑driven risks such as dark‑web access, malicious downloads, and firewall evasion. This insight enabled tighter policy controls without disrupting learning.

Executive confidence and compliance

Darktrace reports are now shared directly with NCG’s executive leadership and board, transforming security from a technical concern into a strategic priority.

When ransomware remnants were discovered on a legacy system at a newly merged college, Darktrace provided the evidence needed to secure funding for improved backup platforms and disaster‑recovery initiatives.

Key takeaways

Explore more customer stories

See how others stay one step ahead with Darktrace

Biomerics
Biomerics partnered with Darktrace to stop sophisticated email threats that were evading traditional filters —- protecting critical medical device manufacturing while giving the IT team time back to focus on strategic work.
Read story
Sofukai Foundation Okayama Kyokuto Hospital
Okayama Kyokuto Hospital strengthened ransomware resilience by gaining network-wide visibility and autonomously detecting and containing anomalies with AI, enabling a small IT team to protect clinical operations and improve the reliability of its healthcare delivery system.
Read story
Lake Macquarie City Council
Through Darktrace’s advanced AI capabilities and the strategic support of security partners, SHQ and Data#3, Lake Macquarie City Council has built a resilient email security foundation that provides deeper visibility into threats, reduces operational strain, and helps ensure uninterrupted delivery of critical services to more than 200,000 residents.
Read story
Cogne Acciai Speciali
Cogne Acciai Speciali partnered with Darktrace to gain visibility across IT and OT environments, reduce false positives, and proactively secure its 24/7 industrial operations.
Read story
Gaviota Group
Darktrace’s AI delivers autonomous protection for Gaviota’s operations, stopping phishing, reducing manual workload, and detecting, investigating, and responding to threats across email, network, and endpoints.
Read story
Coca-Cola Beverages Northeast
Coca-Cola Beverages Northeast (CCBN) is using Darktrace / EMAIL to scale email protection across millions of emails annually, significantly reducing the manual burden on the security team without slowing business operations.
Read story
Tokai Kyowa Co., Ltd.
Tokai Kyowa strengthened its cyber resilience by adopting AI-driven security that detects and autonomously contains unknown threats in real time, enabling comprehensive network visibility and effective protection despite limited security staff and extensive international communications
Read story
VIP Community Services
With AI-powered email protection fueling a proactive security posture, VIP Community Services is protecting sensitive patient data, strengthening regulatory confidence, and reclaiming IT capacity without disrupting patient care.
Read story
Broadmedia Corporation
Broadmedia advances content and technology services, like protecting its online education initiatives via AI-driven monitoring, autonomous threat response, and zero trust initiatives to protect 1,800 devices and 500 accounts.
Read story
Alterman
To securely scale business growth, leading electrical contracting company Alterman implemented Darktrace, strengthening visibility across its environment, accelerating threat detection and response, and supporting a growing cybersecurity program without expanding its security team.
Read story
Chuo Springs Co.
AI-driven security delivers real-time threat detection and automated containment, reducing SOC costs and mitigating zero-day and ransomware risks across Chuo Spring’s network.
Read story
Merced College
See how Merced College powers a small security team to protect 10,000+ students with AI-driven automation that dramatically reduced response times, freeing them to focus on strategic security initiatives instead of constant firefighting.
Read story