Darktrace Creates Enterprise Immune System Using AI
It seems like every other day there is news of some massive security breach resulting in people’s login credentials being scattered all over the digital universe usually accompanied by embarrassing mea culpa statements issued by company executives promising they will “try to do better”. Is it really that difficult to keep things secure? As it turns out, it’s really difficult.
We talked before about 9 hot cybersecurity startups looking to provide solutions that range from making sure you have installed the latest security patch to using machine learning to identify virus signatures on the fly. With the coming age of quantum computing, we will need to take things to a whole new level to ensure the security of critical industries like utilities and defense. One company is using the human immune system as inspiration to develop a security system unlike anything we’ve seen before. A startup called DarkTrace is biomimicry at its finest.
Founded in 2013, London-based startup DarkTrace has taken in just under $180 million in 4 rounds of funding from investors that include Japanese technology conglomerate Softbank. The most recent funding round for Darktrace was in July of 2017 when they closed a $75 million Series D round. Darktrace is “one of the world’s fastest-growing cyber defense companies” and a leader in Enterprise Immune System technology, a new category of cyber solutions based on pioneering Bayesian mathematics developed by the University of Cambridge. Darktrace was actually founded by mathematicians and machine learning specialists from the University of Cambridge and world-leading intelligence experts from MI5 and GCHQ. For all the Yanks reading this, MI5 and GCHQ are the places where James Bond hangs out when he happens to be in “London England”.
Here’s the basic idea behind Darktrace. Imagine that you could easily plug a piece of software into the very backbone of your organization such that every single device, path, port, router, switch, human access permission and server could be visualized and rendered in a nice beautiful 3D diagram. Well, you can, and the interface looks much like the one seen below:
That isn’t just some pretty picture to use at your next board meeting to provide reassurance to your shareholders (though it would probably be perfect for that). That picture represents a vast digital system of interconnected devices with a great deal of complexity and unpredictability when observed by the human eye. With Darktrace though, the “eye” is actually artificial intelligence in the form of machine learning algorithms that immediately begin to learn your environment. The Darktrace system literally comes with no preconceived notions or biases, and starts to assess the situation at hand. What’s “normal”? How does everyone interact? What access permissions does everyone have? It starts to treat your organization just like the way your immune system monitors your body. If everything’s normal, it just continues to learn more about what “normal” is. Then, when something goes wrong, it is able to recognize the symptoms of the problem and raise the alarm.
Yes this whole “immune system” thing sounds pretty cool, and the name “Darktrace” implies that they’re out there shutting down all kinds of sinister boogie men just like James Bond, but does this thing really works? As we described before, the only way we can prove the existence of AI is in the results. In today’s day and age, you can’t roll into firms like the IBM salesmen of old and make people sign on the dotted line because “nobody ever got fired for buying IBM“. Today, you need to show the C-level decision makers that your system works. When you show superior results, they’ll buy your product because cybersecurity is what keeps them up at night the most. So we would ask then, just how fast is this thing being adopted? Here’s a slide posted by Darktrace on April 12th:
Since their solution lives in the cloud, it’s offered via a software-as-a-service (SaaS) model which is one of the reasons they can deploy it in about an hour. One SaaS business metric used above is “Total Contract Value” which generally means the money has been committed to Darktrace by the 2,400 clients that have signed up so far. The fact that this cybersecurity offering has been sold in such meaningful amounts across 12 different industries so quickly shows you that it’s also industry agnostic. You can’t grow your revenue 600% in a single year without having an extremely compelling value proposition that can be proven, and a product that deploys easily and doesn’t need tons of configuration changes across each client. What makes this possible is that whole “self learning” thing that AI is capable of now.
Our self-learning approach is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems.
One piece of advice they’re offering up now to marketing people is to litter your company webpage with interesting and useful information. The idea is that people would much rather read something useful rather than generic marketing copy being produced by some “growth hacker” who says things like “well, I don’t really know about what the product does because I just work in marketing”. Darktrace has done a great job of building an immense library of collateral you should look through if you’re interested:
Their marketing team has done a tremendous job of putting together a library which is a wealth of useful information like a document which provides all kinds of examples about the types of sophisticated attacks they’ve thwarted. Some interesting facts we pulled from all this marketing collateral:
- Darktrace made the CB Insights AI 100 list and they’ve partnered with Siemens (industrial IoT applications) and Samsung (consumer device IoT)
- For banks, the average cost per record stolen is $221, well over the average of $158
- Darktrace installation takes 1-2 hours and value can be proven in 4 weeks (this helps explain rapid sales growth)
- In 2016 alone, ransomware attacks spiked by 6,000 percent, raking in over $1 billion from unsuspecting victims.
- One of Darktrace’s fast-food clients was actually being hacked through a “smart” refrigeration unit and Darktrace spotted it
- 60 percent of all cyber-attacks are carried out by insiders, and only 1 in 4 of those attacks are accidental
- Recently, Darktrace observed a law firm’s video-conferencing unit behaving strangely. It was transmitting large volumes of data to external IPs during board meetings. Insider trading anyone?
- Finally, we rarely draw attention to gender, but we just had to ask – can we spend less time keeping up with the Kardashians and more time talking about women in technology like these two, one of whom co-founded Darktrace?
As an investor, when you hear about what startups like Darktace are doing, the first thing you want to do is get a piece of the action by buying stock in Darktrace. Unfortunately you won’t find a stock ticker for Darktrace because they haven’t had an IPO and they aren’t publicly traded. While it’s clear that “enterprise immune system” isn’t just a marketing term, it’s still one approach out of many, a number of which we elaborated on in a past article titled “6 AI Cybersecurity Startups“. However with Darktrace explicitly stating that they’re planning for an IPO, and the growth in place to get investors very excited about their prospects, you may not have to wait too long before you can buy shares in Darktrace as a retail investor.
Are we going to finally open a position in the Global X Cybersecurity ETF? Or did we go all hero-or-zero on CrowdStrike? Become a Nanalyze Premium subscriber and find out.