Darktrace: Battling Machine Learning Threats, With Machine Learning
As technology, and machine learning, has continued to develop exponentially, the risk and impact of cyberattacks has also increased drastically. Darktrace is using machine learning to get defense once step ahead of the attacks.
State of the Industry
As technology, and machine learning, has continued to develop exponentially, the risk and impact of cyberattacks has also increased drastically. It is estimated that there will be $6 trillion worth of damages caused by cybercrime by 2021[1], and the best way to counteract these threats is machine learning. Historically, cybersecurity companies have looked outwards to stop attacks, but over 70% of business cyber security threats come from insider threats[2].
What is Darktrace Doing About it?
Machine learning is important to Darktrace’s product development, because it believes that this is the only way to maintain an advantage over individuals and entities that are on the attacking side of the cyberarms race. Darktrace co-founder and CEO Nicole Eagan states, “it’s clear that we’re now in the midst of a cyberarms race, and the battlefield is going to be inside of every company network and we’re going to see a war against algorithms”[3]. Since Darktrace is in the defense business against cybercrime, it is essential for the company to constantly develop the product, learn from the learnings its machine is seeing, and adjust to keep up with the growing complexities of cyberattacks.
How Darktrace’s products work is like the human immune system, which is that it attempts to identify its clients normal state of being and then fight off any irregularity (like a virus in the human body)[4]. The current tools, or legacy tools, fail to deal with several of the new forms of threats because they rely on predefined rules, which are not able to adjust in real-time to new types of cyberthreats[5]. Darktrace can evaluate the normal state of being for a company and then identify deviations and either intervene on its own, if clients allow that feature, or notify humans at the organization who can decide how to intervene[6]. One example can be seen when a disgruntled employee decided to leak confidential documents after seeing how the company handled changes after Brexit. Darktrace was able to identify this behavior as abnormal and did not allow this employee to encrypt and send these documents, saving the company from a potentially devastating leak, from an internal source[7]. A legacy tool would not have been able to identify this type of attack, since it is primarily outward looking.
Darktrace is a startup that is a few years old, and has just raised a $50 million Series E round, at an evaluation of $1.5 billion[8]. The goal for the next two years is desperately trying to grow its customer base, given the nature of being an early-stage venture. In the last year, they have doubled their deployments to over 7,000 networks, including a London airport, AIG, and the Science Museum Group[9], although it is still needing to gain customers at a faster rate. In the medium term, Darktrace is looking at the “cheap IoT and smart home stuff [that] is shown over and over again to be enormously vulnerable”[10]. Although they are currently solving larger enterprise issues, they are looking into the future when cars will start on their own, front doors of homes will unlock on their own, and envisioning the importance of stopping cyberattacks on these types of products for a consumer.
The biggest thing they need to address, from an outsider’s perspective, is the fact that they are bleeding cash. Although this may be normal for a startup-phase company, it is unsustainable, and they must address either their cost structure or their need for much larger growth, to stop the $36.2 million loss they have incurred during their expansion period. This issue is further amplified by the fact that Darktrace is a UK-based company and markets in the UK tend to be far more conservative than US markets, where one may go public while incurring losses[11].
The biggest questions for this company are: do you truly believe you are able to stay ahead of the individuals perpetuating this cyberwar from the attacking side, as it seems like attackers are often a step ahead? Second, when do you envision reaching profitability, and do you see this occurring because of large enterprises, or more consumer-based solutions?
Word Count: 792
[1] CNBC, “2018 Disruptor Full Coverage,” https://www.cnbc.com/2018/05/22/darktrace-2018-disruptor-50.html, accessed November 2018.
[2] Darktrace, “Industry Verticals,” https://www.darktrace.com/en/industries/#financial, accessed November 2018.
[3] CNBC, “How billion-dollar start-up Darktrace is fighting cybercrime with A.I.,” https://www.cnbc.com/2018/08/07/billion-dollar-start-up-darktrace-is-fighting-cybercrime-with-ai.html, accessed November 2018.
[4] Siliconangle, “Machine learning cybersecurity startup,” https://siliconangle.com/2018/09/26/machine-learning-cybersecurity-startup-darktrace-raises-50m-1-65b-valuation/, accessed November 2018.
[5] Ciosummits, “Machine Learning,” https://www.ciosummits.com/Online_Asset_Darktrace_Whitepaper-Machine_Learning.pdf, accessed November 2018.
[6] Wired, “Darktrace’s AI,” https://www.wired.co.uk/article/darktrace-machine-learning-security, accessed November 2018.
[7] Wired, “Darktrace’s AI,” https://www.wired.co.uk/article/darktrace-machine-learning-security, accessed November 2018.
[8] Techcrunch, “UK’s cybersecurity firm Darktrace,” https://techcrunch.com/2018/09/26/darktrace-raises-50-million-new-funding/, accessed November 2018.
[9] Techcrunch, “UK’s cybersecurity firm Darktrace,” https://techcrunch.com/2018/09/26/darktrace-raises-50-million-new-funding/, accessed November 2018.
[10] Wired, “Darktrace’s AI,” https://www.wired.co.uk/article/darktrace-machine-learning-security, accessed November 2018.
[11] Siliconangle – Darktrace, “Industry Verticals,” https://www.darktrace.com/en/industries/#financial, accessed November 2018.
Thanks for the submission Michael Scott! From managing a dying paper industry to analyzing cyber security, you’ve grown a lot with technology! I was surprised to see that 70% of threats come from inside the company. Are most of these from disgruntled workers who, as you would say, have “turntables”? I wonder how effective Darktrace can be from once people on the inside know that their company is using the technology. As you would say, “fool me once, strike one. fool me twice, strike three.” I also wonder if they are working on using this technology for threats from the outside. This seems especially relevant to today’s society as governments and companies across the world are fighting foreign intervention. It’s a scary time. As you would say, “It’s simply beyond words. It’s incalculable.”
Thanks for the submission! While the topic is certainly interesting, I come away a little unsure on whether you hit the heart of what the company needs to address in the coming years vis a vis machine learning. While it’s concerning they’re bleeding cash, this is really more of a capital structure issue. As such, I’m uncertain as to whether they’re bleeding cash because their technology is no good or is it simply that they have a difficult capital structure situation? I have no doubt there is a need for cyber defense, but I’m not clear from this reading on HOW Darktrace is using machine learning to improve on existing technologies.
Thanks for this article – it is quite interesting. I am just worried that – generally speaking – people will always try to outsmart the system, and as “criminals” build machine learning capabilities, will Darktrace still be valuable?