Why AI is essential to modern security
As attackers use automation and AI to outpace traditional tools and people, our approach to cybersecurity must fundamentally change. That’s why one of my first priorities as Withum's CIO was to elevate cybersecurity from a technical function to a business enabler.
What used to be “IT’s problem” is now a boardroom conversation – and for good reason. Protecting our data, our people, and our clients directly impacts revenue, reputation and competitive positioning.
As CIOs / CISOs, our responsibilities aren’t just keeping systems running, but enabling trust, protecting our organization's reputation, and giving the business confidence to move forward even as the digital world becomes less predictable. To pull that off, we need to know the business inside-out, understand risk, and anticipate what's coming next. That's where AI becomes essential.
Staying ahead when you’re a natural target
With more than 3,100 team members and over 1,000 CPAs (Certified Public Accountant), Withum’s operates in an industry that naturally attracts attention from attackers. Firms like ours handle highly sensitive financial and personal information, which puts us squarely in the crosshairs for sophisticated phishing, ransomware, and cloud-based attacks.
We’ve built our security program around resilience, visibility, and scale. By using Darktrace’s AI-powered platform, we can defend against both known and unknown threats, across email and network, without slowing our teams down.
Our focus is always on what we’re protecting: our clients’ information, our intellectual property, and the reputation of the firm. With Darktrace, we’re not just keeping up with the massive volume of AI-powered attacks coming our way, we’re staying ahead. The platform defends our digital ecosystem around the clock, detecting potential threats across petabytes of data and autonomously investigating and responding to tens of thousands of incidents every year.
Catching what traditional tools miss
Beyond the sheer scale of attacks, Darktrace ActiveAI Security PlatformTM is critical for identifying threats that matter to our business. Today’s attackers don’t use generic techniques. They leverage automation and AI to craft highly targeted attacks – impersonating trusted colleagues, mimicking legitimate websites, and weaving in real-world details that make their messages look completely authentic.
The platform, covering our network, endpoints, inboxes, cloud and more is so effective because it continuously learns what’s normal for our business: how our users typically behave, the business- and industry-specific language we use, how systems communicate, and how cloud resources are accessed. It picks up on minute details that would sail right past traditional tools and even highly trained security professionals.
Freeing up our team to do what matters
On average, Darktrace autonomously investigates 88% of all our security events, using AI to connect the dots across email, network, and cloud activity to figure out what matters. That shift has changed how our team works. Instead of spending hours sorting through alerts, we can focus on proactive efforts that actually strengthen our security posture.
For example, we saved 1,850 hours on investigating security issues over a ten-day period. We’ve reinvested the time saved into strengthening policies, refining controls, and supporting broader business initiatives, rather than spending endless hours manually piecing together alerts.
Real confidence, real results
The impact of our AI-driven approach goes well beyond threat detection. Today, we operate from a position of confidence, knowing that threats are identified early, investigated automatically, and communicated clearly across our organization.
That confidence was tested when we withstood a major ransomware attack by a well-known threat group. Not only were we able to contain the incident, but we were able to trace attacker activity and provided evidence to law enforcement. That was an exhilarating experience! My team did an outstanding job, and moments like that reinforce exactly why we invest in the right technology and the right people.
Internally, this capability has strengthened trust at the executive level. We share security reporting regularly with leadership, translating technical activity into business-relevant insights. That transparency reinforces cybersecurity as a shared responsibility, one that directly supports growth, continuity, and reputation.
Culturally, we’ve embedded security awareness into daily operations through mandatory monthly training, executive communication, and real-world industry examples that keep cybersecurity top of mind for every employee.
The only headlines we want are positive ones: Withum expanding services, Withum growing year over year. Security plays a huge role in making sure that’s the story we get to tell.
What’s next
Looking ahead, we’re expanding our use of Darktrace, including new cloud capabilities that extend AI-driven visibility and investigation into our AWS and Azure environments.
As I continue shaping our security team, I look for people with passion, curiosity, and a genuine drive to solve problems. Those qualities matter just as much as formal credentials in my view. Combined with AI, these attributes help us build a resilient, engaged security function with low turnover and high impact.
For fellow technology leaders, my advice is simple: be forward-thinking and embrace change. We must understand the business, the threat landscape, and how technology enables both. By augmenting human expertise rather than replacing it, AI allows us to move upstream by anticipating risk, advising the business, and fostering stronger collaboration across teams.
.avif)
![Darktrace’s detection of suspicious SSL connections to retreaw[.]click, indicating an attempted link to Lumma C2 infrastructure.](https://cdn.prod.website-files.com/626ff4d25aca2edf4325ff97/69c5739b43fdfed6f1b02053_Screenshot%202026-03-26%20at%2010.57.44%E2%80%AFAM.png)
![Darktrace’s detection of a malicious payload being downloaded from the endpoint www.lbfs[.]site.](https://cdn.prod.website-files.com/626ff4d25aca2edf4325ff97/69c57465977a5ae3f07c6d69_Screenshot%202026-03-26%20at%2011.01.05%E2%80%AFAM.png)
