Direct Federal Credit Union
- Uses Darktrace to continuously monitor internal and external attack surface
- Darktrace has helped to illuminate and prioritize risks for the security team
- Attack surface management insights autonomously feed back into detection and response engines to harden defenses
Managing Cyber Risk with Darktrace PREVENT
As a federally insured financial institution that has Personal Identifying Information (PII) about thousands of members, Direct Federal Credit Union has a strong need to ensure its cyber security efforts are best-in-class. The credit union partnered with Darktrace to bolster its security stack and protect its email system and cloud-based apps.
“No financial institution, regardless of size, is immune to any type of cyber-attack,” said Jim Webber, the Vice President of Information Technology at Direct Federal Credit Union. “One of the biggest areas of potential exposure, like many companies, is employees who use their email as part of their daily work. While Direct spends hours each month providing education to our employees, all it takes is one click on an suspicious email to cause damage.”
Yet, Direct Federal wanted more than just reactive cyber security. To strengthen its cyber risk management, it deployed Darktrace PREVENTTM. This newest Darktrace product family continuously reduces risk and hardens defenses, proactively preventing cyber-attacks.
Darktrace PREVENT/Attack Surface ManagementTM identifies a company’s complete external attack surface and can uncover shadow IT, legacy assets, misconfigurations, hostile phishing websites, and other vulnerabilities.
“The biggest thing PREVENT/ASM has done is made me aware of assets I previously thought business units had retired,” Webber said. “It was also a piece of our security ecosystem that we were looking to reinforce, so it was very intriguing to me. It has made my life a lot easier, as I have a very agile IT team. Knowing that Darktrace has got our back and is constantly looking at our internal and external threats and preventing and remediating those has been reassuring.”
PREVENT/ASM discovered that several third-party business partners with access to some of Direct Federal’s assets were not as secure as the company would have liked. This evidence allowed Direct Federal to work with its partners to remove the vulnerabilities.
“Knowing that PREVENT/ASM is continuously looking for assets and constantly doing vulnerability testing provides me further confidence, assurance, and peace of mind in our cyber security program. We are committed to investing in products that offer our members and institution a best-in-class security program. I am proud to partner with Darktrace, a leader in the industry,” Webber said.
Flowing through the Cyber AI Loop
In addition to PREVENT, Direct Federal strengthens its cyber security with Darktrace DETECTTM + Darktrace RESPONDTM.
DETECT uses Self-Learning AI to learn the granular details of a company, building a dynamic understanding of the devices, connections, and user behaviors that make up the normal “pattern of life.” When it identifies unusual activity that indicates a cyber-threat, RESPOND takes autonomous, surgical action to neutralize the threat without disrupting the flow of business.
The team has benefitted from the fact that Darktrace PREVENT feeds its AI outputs into DETECT and RESPOND to defend critical vulnerabilities and fortify digital systems, creating an industry-first Cyber AI Loop – a feedback loop that constantly hardens the security system against attacks.
“I like the fact that the Cyber AI Loop can autonomously work in the background for us so that I don’t have to manage it 24 hours a day,” Webber said. “It’s like having someone on my team doing that for me but knowing that I’ve got the bright minds at Darktrace looking out for us and acting on our behalf for any suspicious activity. The whole suite of products has given us 100% visibility across our whole ecosystem, which is fantastic. A lot of times we need to use many products to do that, and with the Darktrace products, I have that all in one.”
Direct Federal’s security team especially appreciates how the Cyber AI Loop protects its cloud-based apps. DETECT provides the team with visibility into activity in Microsoft 365 and informs RESPOND’s autonomous actions, which the team found simpler to customize than the built-in security tools. PREVENT scans for vulnerabilities in the cloud, constantly strengthening DETECT + RESPOND’s protection.
“If you’re not using Darktrace, you should be,” Webber said.