Mainstream Renewable Power
No matter how much security training we did, the risk was still there as the emails became ever more sophisticated.
Rapid transition to the cloud in 2014 facilitated global expansion
Relies on Microsoft and Darktrace for a 'belt and braces' approach to security
Autonomous Response disrupts threatening activity around the clock
The Journey to the Cloud With Microsoft
In 2014, Mainstream Renewable Power began its transition to the cloud in support of its expansion into new markets. By leveraging Microsoft's global infrastructure, they were able to increase efficiency and flexibility, scaling to enable rapid global expansion.
Mainstream embraced the full suite of Microsoft products, first implementing Office 365, CRM Online, and SharePoint Online, before later expanding to include PWA, Dynamics 365 F&O, and Microsoft Teams in 2019 to enable hot desking and remote working. Mainstream was also one of the first companies to implement MS Sentinel in 2019 to monitor its entire cloud infrastructure.
This journey to the cloud and remote working blurred the traditional paradigm of the network perimeter and brought new security challenges. Faced with an upsurge in cyber-threats in the email and network realm, Mainstream turned to Darktrace AI in 2020 to complement Microsoft's security products, enhance the security team, and protect its critical digital assets.
Protecting the Inbox With AI
Email was a high priority for the security team at Mainstream Renewable Power. Faced with an increasing number of email threats, they were drawn to the self-learning approach of Antigena Email as well as its ability to autonomously respond to attacks targeting the inbox.
Despite stringent rule-based email filtering within Office 365 and rigorous internal training programs, the growing sophistication of email attacks meant that the threat was always present. "It was hard to shake the 'click first, ask questions later' mindset, where colleagues assumed an email received on their work email account was safe," explains Robert Kennedy, Head of Cyber Security and Infrastructure at Mainstream.
Antigena Email complements Mainstream's existing security controls with an AI-native approach that learns 'normal' patterns of communication and identifies anomalous behaviour indicative of threat. This contextual understanding enables the technology to take surgical action against email attacks before they reach the inbox, protecting not only the recipient but anyone else targeted by that same email.
"We needed something that could not only monitor but respond in real time 24/7," describes Mark Kane, Global Head of Information Solutions. Antigena Email was set up in under an hour and immediately began learning 'on the job', understanding the 'patterns of life' within Mainstream's email environment in order to stop novel and sophisticated email threats.
Extending the Darktrace Immune System
Seeing the results of Darktrace's self-learning AI in the email environment gave Mainstream the confidence to expand its coverage to the wider network, Azure, and SaaS applications. "The implementation of Antigena Email went so smoothly, and delivered such tangible rapid results, that it was a logical step for us to deploy the Enterprise Immune System," Kennedy comments.
The team were already leveraging all of Microsoft's security products including Sentinel, but Darktrace's AI and Autonomous Response capabilities offered an additional layer of defense, covering the full range of threats including those 'unknown unknowns' never seen before in the wild. "Darktrace and Microsoft offer complementary approaches, giving our security team peace of mind," explains Kane. "We know that if something slips through the net on one side, it will be picked up on the other."
The security team look forward to working together with Microsoft and Darktrace as they find further synergies across their technologies, including Darktrace's integration with Sentinel in 2021.
We’re a global company but our security team also needs to sleep, so we needed something to monitor and respond in real time 24/7.