Sir Robert McAlpine
We thought it would probably hit about 85 to 90 percent, but actually it’s about 99 percent in terms of email protection – to the point where we are now reviewing all the other products in our stack deciding whether or not we need them anymore.
Facing phishing attacks that were coming from trusted relationships
Turned to Self-Learning AI for autonomous threat detection and enforcement of the ‘pattern of life’ across the entire digital infrastructure
Significant reduction in time spent reacting to potential security breaches
Defending the Inbox
As the UK construction sector experienced more and more successful phishing campaigns, the British construction and civil engineering company Sir Robert McAlpine began to see how these types of attacks were striking closer to home. At the same time, the company was dealing with its own phishing attacks on a nearly daily basis.
In turn, defending the inbox became a primary concern for Sir Robert McAlpine. “We felt that we needed something a little bit different because the standard toolsets and go-to products, which for us was the in-built security from our email provider and a gateway tool, just weren’t enough,” explains Andy Black, Chief Information Security Officer at Sir Robert McAlpine.
Telling Friend from Foe
In searching for a new security product, Sir Robert McAlpine was focused on an extra layer of defense that included behavioral analytics. Many of the malicious emails the company was observing were coming from seemingly trusted relationships, so Sir Robert McAlpine needed something that could deep dive into those established relationships to determine what was legitimate and what wasn’t.
This was what differentiated Darktrace’s AI from other technology for Sir Robert McAlpine; the behavioral analytics capabilities of Darktrace/Email allowed for a more complete investigation into potential email threats. When Darktrace/Email was deployed in ‘Passive Mode’, where it is not configured to interfere, the organization observed how Darktrace AI could learn ‘what is normal’ and detect advanced threats.
“That was a game-changer for us. Even when you adopt the product and put it in passive mode before you turn it on, you get those insights to build up the knowledge of the relationship,” described Black.
After using Darktrace/Email, Sir Robert McAlpine found that it surpassed expectations of protection. “It does everything we wanted it to do. We thought it would probably hit about 85 to 90 percent, but actually it’s about 99 percent in terms of email protection – to the point where we are now reviewing all the other products in our stack deciding whether or not we need them anymore.”
Buying Back Time
Sir Robert McAlpine is no longer taxed by the frequent demands to respond to individual threats as they arise. After witnessing Darktrace/Email in passive mode and its capacity to understand the business, the organization now confidently lets the product operate on its own.
“We barely go into the console, because it is just doing its job. Whereas when we first got it, it was sitting on our screens all the time; we were fascinated by it. But it suddenly became a product that we just let run,” commented Black. “And that gave us so much time back to do more meaningful work rather than just reacting to situations like we were doing in the past.”
Reducing the risk of attacks as well as the time devoted to detecting and responding to them has proven to be a huge benefit of Sir Robert McAlpine’s adoption of Darktrace. While the organization was already leveraging multiple security products, Darktrace’s Self-Learning AI effectively met and neutralized the newly sophisticated threats they feared they would soon become victim to. With Autonomous Response, Sir Robert McAlpine was alleviated of the many management and oversight burdens often inherent in the employment of traditional security tools.
With Self-Learning AI, Sir Robert McAlpine is protected in a rapidly-evolving threat landscape and empowered to run normal operations without sacrificing its security.
“We barely go into the console, because it is just doing its job. When we first got it, it was sitting on our screens all the time; we were fascinated by it. But it suddenly became a product that we just let run.