Darktrace shifts to proactive AI strategy to combat rising cyber threats

Tue, 9th Apr 2024

In response to increasing AI-powered cyber threats and a noted skills gap among security professionals, Darktrace has announced a shift to a platform-based strategy. The reorientation will see the migration from reactive cybersecurity operations to more proactive approaches, enabling businesses to better defend against cyber threats.

New statistics show that 74% of security professionals acknowledge the impact of AI-augmented threats on their businesses, while 60% report their organisations being unprepared for such threats. The major weaknesses preventing effective defence against these threats include insufficient knowledge, ineffective use of AI-driven countermeasures, and lack of personnel to manage tools and alerts.

In this evolving cybersecurity landscape, Darktrace has announced the launch of its ActiveAI Security Platform, aiming to provide a more comprehensive visibility over enterprise operations while eliminating alert fatigue. This proactive platform anticipates security control weaknesses and processes before they're exploited, automating a response to known, unknown, and novel threats, thus freeing security teams to concentrate on bolstering cyber resilience as opposed to mitigating alerts continuously.

In addition to its core features, Darktrace's new platform includes an enhancement to its email security solution. Darktrace/Email uses AI to detect early-stage phishing attacks across platforms such as email and Microsoft Teams, enabling the company to identify abnormal user behaviour and possible account compromises promptly, thereby preventing data breaches.

A recent study commissioned by Darktrace shows that security professionals believe AI-driven security solutions will be effective against AI-augmented threats. However, only 26% fully understand which AI types are used in their security stack. To address these emerging threats, 85% of respondents agreed that a platform approach would be more effective in threat management.

Darktrace's ActiveAI Security Platform is designed to transform security operations to adopt a focus on proactive cyber resilience. The platform consists of Darktrace's core detection techniques and autonomous response skills, supplemented by a common AI architecture. The platform's capabilities enable security teams to correlate events across several domains, including cloud, email, endpoint, identity, network and OT environments.

The platform is further enhanced with new features and functionalities such as more explainable, automated, and customisable investigations for all alerts, decryption and new firewall rule analysis to pre-empt threats. Also, Darktrace/Email will include added features that use AI to halt early-stage phishing, detect changes to content beyond what native email providers can identify, and coverage for Microsoft Teams to detect and halt novel insider and complex early phishing threats.

Providing advancements beyond the traditional Common Vulnerability and Exposure (CVE) scoring to identify, prioritise, and review risks in OT infrastructure and potential attack paths, Darktrace/OT is guided by the business's unique needs. New features in the Darktrace ActiveAI Security Platform are expected to be available in early Q2 2024.