Financial Services

With trillions of dollars in assets continually moving across complex infrastructures and around the world, it is no wonder that the financial services industry has long represented the holy grail for today’s most sophisticated cyber-criminals. And while the companies therein have responded by investing in high maturity security systems, these systems are predicated on an approach to cyber defense that has been antiquated by fundamental shifts in the nature of the cyber-attack.

One such shift is the rise of insider threats, which now account for 74% of business cyber security incidents. Because legacy security tools generally look outward to spot potential attacks, they miss these insider threats that imperil today’s financial institutions. Malicious employees have the advantage of familiarity with the networks and information they manipulate, and their credentials allow them to exfiltrate the most sensitive such information without raising red flags. Moreover, even well-intentioned employees present major security risks thanks to the emergence of personalized spear phishing emails, which trick victims into infecting their networks with malware by posing as friends and colleagues.

Another critical development in the cyber threat landscape has been the dramatic increase in the speed of such threats: modern strains of ransomware, for instance, can encrypt a network in under 30 seconds. As a result, even security tools that manage to alert incident responders to potential dangers are no longer sufficient. The reality is that these responders cannot counter machine speed threats on their own, and regardless, they are often flooded with hundreds or thousands of alerts — far too many to investigate before it’s too late.

Darktrace is the next generation of cyber defense, proven capable of identifying and autonomously responding to subtle attacks that bypass all other security tools. Deployed by many of the largest financial institutions in the world, Darktrace’s AI technology gives industry leaders unprecedented visibility into all their digital activity, as well as the unparalleled ability to detect and contain fast-acting threats in seconds. With Darktrace, security teams are afforded the critical time and knowledge they need to protect the world’s financial assets.

Manufacturing & Supply

Manufacturing companies face significant challenges in an age of increasing digitization, where corporate IT networks are coming to share more functions with traditional operational technologies. Protecting IT and OT environments, as well as ensuring that the supply chain is secure, means that manufacturing companies face cyber-threats from multiple angles.

Manufacturers depend on availability and reliability – machinery must be available to operate, and trusted to deliver. An undetected cyber attack could undermine the production process and cause substantial damage to finances and reputation. Insider threat poses a significant problem too – insiders could be well-placed to access critical systems to deliberately disrupt vital services, but also inadvertent mistakes could allow cyber-attackers to access operational technologies by using the corporate network as a through route. Manufacturing executives are increasingly aware of the greater risk of cyber-attack, and are taking steps to improve on existing security practises.

By working with leading manufacturing companies around the world, Darktrace is helping to defend against cyber-attacks and ensure organizations can operate without disruption. Darktrace’s self-learning technology is uniquely capable of learning a ‘pattern of life’ across both corporate IT networks and operational technologies, enabling it to detect anomalous activity in real time. Darktrace also provides total network visibility, aiding the investigative ability of security teams and providing boardroom executives with greater business oversight.

Government & Defense

Governments and the defense sector face some of the most pernicious cyber-attackers, including state-sponsored ones. The stakes are high and governments are continually confronted with new, unseen threat methodologies that change quickly, move subtly, and are very difficult to detect.

Despite the best perimeter defenses, advanced attackers continue to challenge this sector, while insider threats that evade such perimeter protections are particularly devastating. As the Edward Snowden case proved, insiders render even the world’s most well-defended organizations vulnerable to attack, since legacy tools can rarely detect the malicious behavior of credentialed users. Indeed, non-malicious, legitimate network users also introduce risk, thanks to the increasing prevalence of targeted spear phishing campaigns that seek to trick employees into infecting their networks.

Darktrace works with governments and the defense sector to deliver the best-in-class, most resilient defense against today’s attackers and tomorrow’s threats. It assists governments in achieving oversight and visibility of their myriad networks and users, and it increases their confidence in being able to catch in-progress threats before they do damage.

With our unique heritage in government intelligence – our experts have decades of experience in cyber defense for national security, working in high-risk environments in the US, Canada and the UK – Darktrace is uniquely placed to help protect critical assets and national infrastructures. Darktrace fights back with the same level of sophistication and speed as the adversary, whoever or whatever they are.

Darktrace is the cornerstone of our cyber security strategy.

Rich Malewicz, CIO, Livingston County

Education

The recent escalation of cyber-attacks targeting the education sector has taught museums and schools across the world a valuable lesson: no organization is immune to threats online.

Indeed, educational institutions house significant quantities of sensitive personal information that can be used to commit identity theft, from colleges that collect families’ financials when determining tuition fees, to test providers that store social security numbers for identification purposes. Yet these organizations generally lack the robust cyber defenses that protect data-rich companies in other sectors, rendering them attractive prey for cyber-criminals.

However, today’s most sophisticated attackers are largely not lone criminals looking to sell personal information on the Dark Web; rather, they are coordinated, often state-sponsored threat actors with even more devastating intentions. In March 2018, the U.S. Justice Department indicted nine nation-state actors who allegedly stole 31 terabytes of documents from more than 140 American colleges on behalf of a foreign government, which later launched another attack on 76 universities in 14 countries. These universities produce many of the world’s most transformative innovations, and this intellectual property must be shielded from both financially and geopolitically motivated attacks.

While such external attacks are increasingly subtle and fast-acting, threats from credentialed users present an even greater challenge for legacy security tools. Unfortunately, insider threat is now a fact of life in education: A 2018 analysis of 850 cyber-attacks on colleges found that disgruntled students and staff accounted for a significant percentage of these incidents. Whether insiders attempt to alter grades or steal intellectual property or sabotage the administration, legacy cyber defenses simply can’t see them.

Darktrace’s cyber AI can see them, providing real-time threat detection and autonomous response to spot and stop these subtle attacks and insider threats at an early stage. Today, Darktrace protects some of the world’s leading universities, museums, and educational foundations, allowing them to stop even never-before-seen attacks in real time.

Retail & e-Commerce

The retail sector was the number one cyber-attack target among all industries in 2017. In just the past few years, industry giants from Target to Neiman Marcus have seen their reputations diminished by massive leaks of personally identifiable information, each of which affected tens of millions of customers. These companies themselves face lasting repercussions beyond just reputational damage: Home Depot’s breach, for instance, will likely cost the company $179 million once all its lawsuits finalize.

There are more than half a trillion cashless transactions every year, while e-commerce sales alone are projected to reach roughly $5 trillion by 2021: a virtual treasure trove for cyber-criminals to plunder. Given the hyper-competitive nature of the retail space, companies are vying with one another to maximize ease-of-purchase, a concern that is difficult to balance with the need for robust cyber security.

The industry is also lucrative prey for online threat actors due to the ease with which they can monetize retailers’ assets, which include mountains of credit card numbers and personal information that can all be rapidly sold on the Dark Web for profit. E-commerce sites also directly transfer virtual funds, while many of the security tools protecting these transfers remain susceptible to innovative malware that such tools aren’t programmed to detect.

If anything can be gleaned from the barrage of attacks bombarding retailers globally, it is that these companies must fundamentally shift their approach to cyber defense. Several leading retailers have already spearheaded this shift, entrusting Darktrace’s cyber AI to protect their network from never-before-seen threats, while relying on Darktrace Antigena to autonomously respond to those threats with machine speed.

Darktrace’s Enterprise Immune System has given us peace of mind that we are well-equipped to defend against today’s sophisticated attacks.

Dane Sanderson, Global Security Director, Trek

Healthcare & Pharma

With the digitization of healthcare records and medical processes, and the premium that is paid on the dark web for medical records, the healthcare industry is increasingly becoming an attractive target for cyber-attackers across the world. Indeed, the healthcare industry faced no less than 142 known security breaches in Q2 of 2018 alone, which represents a significant increase from past quarters.

The healthcare sector has, in particular, experienced a rising number of ransomware attacks, in which cyber-criminals encrypt a network’s data and hold it hostage. These criminals consider such healthcare organizations low-hanging fruit for such attacks, as many lack the high maturity defenses to protect themselves effectively.

For pharmaceutical companies, cyber-attacks threaten the intellectual property at the very heart of their businesses, since their multibillion-dollar research is often guarded only by legacy security tools that become more antiquated each day. As these tools remain fixed in their understanding of what constitutes suspicious behavior, cyber-criminals are circumventing them by perpetually creating more and more innovative attacks.

Darktrace’s Enterprise Immune System offers the industry the means to stay ahead of emerging threats that jeopardize the entire sector. We work with hospitals and healthcare providers to deliver real-time awareness and visibility of all digital interactions, and our solution automatically flags emerging behaviors that require investigation. In addition to the Enterprise Immune System’s real-team alerting, Darktrace Antigena can autonomously contain attacks like ransomware in seconds — before they do irrevocable harm.

Legal & HR

Cyber security is today an unavoidable concern for law firms and the legal sector at large, which oversees disproportionately large volumes of sensitive data and which is therefore an attractive target for sophisticated threat actors. From confidential information about mergers and acquisitions to disclosures made under attorney-client privilege, today’s law firms are inundated with data that would be disastrous if leaked, both for the results of individual cases and for these firm’s long-term reputations.

Indeed, this reputational damage diminishes the very trust upon which the legal profession is predicated, jeopardizing client relationships and hindering customer acquisition. Legal organizations lose 5% of their clients following a data breach, while significant or high-profile breaches can even prompt a firm’s eventual collapse, as was the case for Mossack Fonseca in the infamous Panama Papers breach.

In today’s increasingly digital business world, even the most private legal documents are now regularly revised online, transferred over email, and stored in the cloud. This shift creates an urgent need for cyber defenses that can safeguard these files across complex and hybrid infrastructures. Yet most law firms are relatively small, many do not employ large security teams, and few have adequately prepared themselves for the stealthy behavior and machine speed of modern cyber-attacks.

Many law firms across the world — including Magic Circle and Am Law 100 firms — have deployed Darktrace to pre-empt emerging threats before it’s too late. Darktrace’s world-leading cyber AI security has allowed these firms to demonstrate a serious cyber security strategy, one in line with client expectations, and to increase confidence in their defenses against both insider and external threats.

It’s a game changer for us to be able to see threats early or as they are happening. It allows us to take control of a situation.

Mark Vivian, Head of IT Security, Irwin Mitchell

Energy & Utilities

The energy and utility sector has long faced some of the most advanced attackers, from industrial espionage to state-sponsored attacks. As part of national critical infrastructure, the importance of defending these organizations in this new era of threats cannot be underestimated.

It is not just a case of protecting the corporate network either. Industrial Control Systems, such as SCADA, are increasingly being targeted in highly sophisticated attacks that threaten safety and personal security, as well as the long-term future of major infrastructure providers.

As IT and Operational Technology environments continue to converge – and the traditional air gap is undermined – it is critical to attain coverage and monitoring across all networks, so that emerging threats may be detected wherever they are moving.

Darktrace’s ICS capability, with the Industrial Immune System, complements its core Enterprise Immune System technology, making it the only threat detection and investigation tool that addresses both IT and OT environments.

Whether an employee shortcutting security policies, a skilled hacktivist with a grudge to bear, or a stealthy state actor biding time within your network, Darktrace catches the subtle signs of abnormality and identifies threats in their early stages.

Technology & Telecoms

Cyber-attacks targeting technology and telecommunications firms represent the most significant threat to their sensitive customer data and invaluable intellectual property. When successful, such attacks cost these firms dearly, not only in terms of immediate loss of revenue but also in the form of subsequent reputational damage.

Technology firms that provide digital services or house vast quantities of user information are particularly at risk, as demonstrated in the Uber breach that exposed the personal information of more than 25 million users. Regulations around personal data, such as GDPR, increasingly require technology firms to adopt a robust cyber defense strategy that can detect cyber-threats at an early stage.

Cyber-attacks aimed at technology firms with lucrative IP have also become a fact of life in the Information Age. Often perpetrated by nation-state actors with advanced capabilities, these attacks are now remarkably subtle and stealthy, with some of the latest examples beginning to incorporate AI elements. For tech companies that rely on IP to maintain their competitive edge, these subtle and AI-powered threats have rendered static security systems no longer a viable option as a last line of defense.

The world’s most inventive companies are paving the way for a safer and smarter future, but that future is seriously imperiled by the modern cyber-threat, which legacy tools are ill-equipped to counteract. These innovators must therefore be willing to adopt equally innovative cyber security solutions, most obviously for the sake of their reputations and their bottom lines, but not least for their customers around the globe who increasingly entrust them with their livelihoods.

Transportation

Protecting increasingly interconnected critical infrastructure from new cyber threats is a significant challenge faced by the transportation sector. Damage to critical infrastructure has the potential to cause major knock-on effects for business reputation and customer satisfaction. Striking the balance between functionality and security is of vital importance for transportation companies as they provide critical services.

Cyber-attackers may target transportation companies not only to gain access to customer databases or other confidential data that may be monetized, but also to deliberately disrupt critical services, whether for political or ideological reasons. By interrupting the operational technologies managing transport infrastructures, cyber-threats can irreparably damage company reputations and pose a real threat to passenger safety.

Darktrace works with some of the world’s leading transportation companies, from airport groups to train companies, to provide defense against some of the most difficult and subtle threats within their networks.

The unique ability of Darktrace’s Enterprise Immune System to learn the normal behavior of each user, device and network, enables it to spot deviations from the norm and calculate the probability that those deviations represent genuine problems that require investigation. Darktrace detects threats as they emerge, providing total network visibility and ensuring that critical infrastructure can function reliably and safely, without interruption.

We rely purely on Darktrace to highlight changes in behavior that we need to be aware of.

Wayne Smith, Head of IT and Technology, Birmingham Airport

Media & Entertainment

The media and entertainment industry faces a fundamental challenge in the Digital Age: monopolizing content and services at a time when information flows more freely than ever before. This challenge is nowhere greater than in the case of cyber-crime, which threatens the intellectual property at the heart of the industry’s business model.

Such intellectual property is essential for media companies in particular, which spend enormous resources to create films and television shows that they must then defend from threat actors across the world. Yet modern consumers expect media that is highly digitized, with content readily available on multiple platforms — an expectation that is difficult to reconcile with the ideal of data security. In an age of advanced cyber-threat, media and entertainment companies must balance availability and exclusivity to avoid damaging leaks that could severely harm their reputations.

For entertainment companies, the imperative of protecting IP is accompanied by the need to defend sensitive customer data and lucrative digital operations. Online poker sites, for instance, house thousands of users’ credit card numbers, while a ransomware attack that shuts down its services can cost millions in lost revenue. Beyond their direct financial ramifications, security breaches can inflict lasting damage to a company’s brand name.

Many of the world’s leading media and entertainment companies have turned to Darktrace to protect against today’s sophisticated threats. Darktrace’s Enterprise Immune System technology enables these organizations to detect and defend against cyber threats in real time, protecting their key assets and foundational intellectual property with AI that learns on the job. Darktrace also provides total network visibility, affording its users an unprecedented awareness of all the routes that a potential threat could take. With Darktrace’s AI, media and entertainment companies can effectively safeguard their valuable intellectual property while remaining dynamic and innovative.

Darktrace’s approach is unique, and has already detected potentially-damaging threats inside our networks.

Marcello David, Head of IT Security and Compliance, HBG Gaming

Nonprofit

While not-for-profit organizations perform indispensable services around the globe, they nevertheless confront the same cyber security challenges as their profit-making counterparts. In fact, the nature of charitable work renders them a particularly attractive target to certain types of attackers, from hacktivists who disagree with their causes to adversely impacted groups that seek to shut down their operations. Even cyber-criminals who are agnostic to a given nonprofit’s goals can be enticed by the enormous quantity of sensitive personal information that it collects from beneficiaries, which can be used to commit identity fraud.

While these threats require nonprofits to create robust cyber defenses, many rely on remote workers and international volunteers, making their networks complex, expansive, and difficult to protect. Further complicating matters is the increasing digitization of charitable operations, as well as the now-vital importance of online outreach for raising funds and awareness. These factors all pose significant risks for organizations that often lack high maturity security postures.

Darktrace works with leading charities and nonprofit organizations to protect their highly distributed networks and information, enabling dynamic working environments and digital activities that do not put their beneficiaries and their reputations in jeopardy. Darktrace’s Enterprise Immune System technology is easy to use for professionals of all skill levels, it takes just one hour to install, and it can identify potentially devastating cyber-attacks while there is still time to act.

The longer Darktrace AI is on our network, the stronger our defenses get.

Alex Martin, IT Security Manager, YMCA LA