NCG

The challenge: A fragmented environment in a rising threat landscape

After years of mergers and inherited infrastructure, NCG’s IT environment had become highly complex. By 2022, the organisation was supporting 16 separate domains, multiple legacy platforms, and inconsistent security maturity across campuses — all with one dedicated security lead.

Visibility gaps across identity, network activity, cloud usage, and third‑party access meant investigations into potential threats could take weeks, placing enormous pressure on a lean team. At the same time, increasing regulatory demands — including Cyber Essentials, NIST alignment, ISO frameworks, and insurer requirements — raised the stakes.

"We had a number of gaps — identity, content, disaster recovery, business continuity, resilience — all of it." - Chris Weeks, Director of IDS

With digital services underpinning teaching, learning, and operations, any outage or compromise could directly affect students’ futures.

Why Darktrace: An AI‑powered foundation for visibility and trust

NCG evaluated multiple security solutions but ultimately selected the Darktrace ActiveAI Security Platform™ for its autonomous capabilities.

“With our staffing resource, we needed a solution with autonomy. Darktrace was leaps ahead of everything else when it came to AI.” - Chris Weeks, Director of IDS

During an extended proof of value, Darktrace immediately unified visibility across campuses, users, and systems — surfacing threats NCG had never seen before, including suspicious login behavior, malicious downloads, firewall bypass attempts, and compromised external accounts.

What once took days or weeks to investigate was now analyzed in seconds by Darktrace’s AI, complete with natural‑language reports.

Deployment experience: Seamless implementation with zero disruption

Darktrace was deployed without interrupting learning or operations. No accounts were disabled, no learners were blocked, and no complaints were raised.

The success of the rollout established trust quickly — not only within IT, but across the wider organisation.

“The deployment was seamless. No blocked learners, no disabled accounts, no complaints. It just worked and it made us look brilliant.” - Chris Weeks, Director of Information and Data Services, NCG

Result: Clear outcomes, less noise

Darktrace’s autonomous investigation and response dramatically reduced manual workload for NCG’s lean security team.

What once took weeks now takes minutes or seconds, with analysts receiving clear, prioritized guidance only when human input is required.

Darktrace also stopped phishing, impersonation, and supplier‑account attacks before they reached users, while providing visibility into student‑driven risks such as dark‑web access, malicious downloads, and firewall evasion. This insight enabled tighter policy controls without disrupting learning.

Executive confidence and compliance

Darktrace reports are now shared directly with NCG’s executive leadership and board, transforming security from a technical concern into a strategic priority.

When ransomware remnants were discovered on a legacy system at a newly merged college, Darktrace provided the evidence needed to secure funding for improved backup platforms and disaster‑recovery initiatives.