Darktrace – Media Roundtable | Event Report
Posted: Wednesday, Jun 22

i 3 Table of Contents

Darktrace – Media Roundtable | Event Report
From KBI

I was recently invited to a Roundtable Media Event held by Darktrace to unpack the new era of cyber security threats. Held on Thursday 16th June, it was led by Tony Jarvis, Director of Enterprise Security and Dave Palmer, Chief Product Officer.

The following is a synopsis of the event and a deeper dive into what was covered.

 

Most Significant Security Threats in Australia Today

  • Ransomwareย 
  • Lower barriers to entry for cyber crime
  • Technology supply chain attacks
  • Account takeovers
  • Out of hours attacks

 

Insights About Ransomware

Given that the ACSC reported staggering $33 Billion losses to ransomware for Australian businesses, itโ€™s unfortunate that 88% of Australian businesses are assentive to paying the ransom. The knock-on effect being that ransomware units are more actively targeting Australian businesses given the higher than average rate of success – a full 20% higher than in the USA. This highlights the necessity to focus more on the risk assessment of ransomware, as well as the need for its early detection to be held in primacy.

 

Key Insights on APTs (Advanced Persistent Threats)

  • A quarter of the domestic incidents Darktrace identifies are against Australian critical infrastructureย 
  • The Australian Federal Budget is putting money into cyber security at a country level, with a boost in further cyber security capabilities of AUD$10B

 

Key Insights on The Australian Healthcare Industry

  • Cyber attacks doubled in 2021 compared with 2020
  • Financial services attacks decreased by 35%, largely in favour of targeting healthcare


Darktraceโ€™s AI-Led Capability

There was a decisive study which illuminated that many vendors claiming their technology used โ€œAIโ€ were not telling the truth, whether unintentionally or through marketing overreach. Through a diligent audit, reality didnโ€™t bare this out for nearly half of those surveyed.

Iโ€™m always sceptical when vendors claim this, so I wanted to ask the hard question; how does Darktraceโ€™s AI work? The response โ€œDarktrace leverages mathematical researchers for our AI capabilityโ€. Expounding, it was stated that the Darktrace Cyber AI Research Centre, based in Cambridge, UK, focuses on how adversaries and defenders may employ artificial intelligence to combat the ever-increasing threat of cyber-attacks. The Darktrace Cyber AI Research Centre, with its suite of PhD-level mathematicians, scientists, and AI professionals, has made significant gains in increasing our understanding of the security landscape. Their recent whitepaper specifies the root of their AI capabilities, with their 100+ patents (protected or pending) covering AI and Machine Learning, helping power our collective insights into attack paths models.

 

Self-Learning AI

Other products on the market leverage a human to make assumptions โ€œyes, you got that rightโ€ or โ€œno, you got that wrongโ€ and it becomes more refined over time with the human element – Darktrace doesnโ€™t need to do that. Their real-time AI capability learns entirely independently – humans are not influencing it – which is different from other technologies.ย 

Their Director of Enterprise Security, Tony Jarvis, stated;ย 

โ€œNot all unusual traffic is malicious, but all malicious traffic will be unusual or abnormal.โ€

This is what Darktrace is looking for: the โ€œunusualโ€ traffic. The traffic that falls outside of that regular pattern.

 

False/Positives

Darktrace doesnโ€™t look at one anomalous behaviour and then assign it as โ€œbadโ€ and subsequently raise an alert. Instead, their AI will identify and assess a parcel of abnormal traffic patterns and then make the alert, therefore reducing the โ€˜trigger finger effectโ€™ and thereby the volume of false-positives. Darktrace then hones in on that group of unusual activity which provides accurate determination that this definitely doesnโ€™t belong, which can be further investigated in greater fidelity.

 

Key Takeaways

  • Ransomware is still on the rise, with 88% of companies still paying the ransom in Australia
  • ACSC reported a staggering $33 Billion losses to ransomware
  • A quarter of the incidents Darktrace sees is against Australian critical infrastructure
  • Darktrace leverages mathematical researchers for their AI capability
  • Their capability learns on its own, humans are not guiding it – which is different from other technologies

————–

Who is Darktrace?

Darktrace is an AI company, and they were first to apply artificial intelligence to cyber security. Their AI machines have a sense of โ€œselfโ€ which allows them to understand if a cyber attack is occuring, and then can allow them to interrupt in real time. This is what Darktrace calls โ€œSelf Learning AIโ€. Darktrace is currently plugged into 6,800 organisations worldwide.ย 

 

Tony Jarvis | Director of Enterprise Security, Asia Pacific and Japan

Tony Jarvis is Director of Enterprise Security, Asia Pacific and Japan, at Darktrace. Tony is a seasoned cyber security strategist who has advised Fortune 500 companies around the world on best practice for managing cyber risk. He has counselled governments, major banks and multinational companies, and his comments on cyber security and the rising threat to critical national infrastructure have been reported in local and international media including CNBC, Channel News Asia and The Straits Times. Before joining Darktrace, Tony previously served as CTO at Check Point and held senior advisory positions at FireEye, Standard Chartered Bank and Telstra. Tony holds a BA in Information Systems from the University of Melbourne.ย 

 

Dave Palmer | Chief Product Officer

Dave is the Chief Product Officer at Darktrace, overseeing the mathematics and engineering teams and project strategies. With over 13 yearsโ€™ experience at the forefront of government intelligence operations, Dave has worked across UK intelligence agencies GCHQ and MI5, where he was responsible for delivering mission- critical infrastructure services, including replacing and securing entire global networks, the development of operational internet capabilities and the management of critical disaster recovery incidents. He acts as an advisor to cyber security start-ups and growth-stage companies from the UK Governmentโ€™s Cyber Security Accelerator and CyLon. His insights on AI and the future of cyber security are also regularly featured in the UK media. He holds a first-class degree in Computer Science and Software Engineering from the University of Birmingham.

The Production Team
The KBI Production Team is a staff of specialist technology professionals with a detailed understanding across much of cybersecurity and emerging technology. With many decades of collective industry experience, as well as expertise in marketing & communications, we bring news and analysis of the cybersecurity industry.
Share This