Darktrace has developed the first piece of unsupervised machine learning software designed to detect and defend against cyber security threats from within computer networks. Using Bayesian algorithms developed by mathematicians from the University of Cambridge, the Enterprise Immune System can be deployed within a network in minutes. The pioneering technology self-learns the normal ‘pattern of life’ of every user and device on a network, flagging suspicious activity with a percentage score of how likely it is to be a genuine threat. It provides an evolving cyber immune system that knows all the usual activities of the organisation it sits within, meaning it can immediately detect and, where necessary, contain the threat while enabling the system to continue running.
Like the human immune system, the Enterprise Immune System does not rely on previous experience of what an attack looks like to understand that an anomaly is potentially threatening. No other software currently achieves this without a level of human input to define the boundaries of the system or certain aspects of the network.
Darktrace defends against the threat of data theft and loss, as well as attacks on the integrity of data. The Enterprise Immune System software can therefore help maintain the public’s confidence in the banks who manage their money, and the healthcare providers that produce their test results – systems that rely on data being scrupulously accurate. Among Darktrace’s customers are government agencies, BT, Irwin Mitchell, the Energy Saving Trust, and the City of Las Vegas.
The intelligence of the Enterprise Immune System means it can be used in almost any scenario, ranging from a typical corporate environment to critical national infrastructure and organisations with anywhere between two and a million devices. This is particularly significant for heavy industry, which is reliant on machinery often designed without cyber security in mind but crucial to the running of important manufacturing, construction and engineering businesses. Many cyber security solutions cannot be applied to these niche requirements.
Machine learning is a form of artificial intelligence that allows computer systems to learn from examples, data, and experience. Rather than being prescribed set tasks within clear parameters, machine learning allows a computer to understand and develop its tasks and adapt over time. Darktrace has taken this model and applied it to the cyber security landscape. In an increasingly interconnected world, it is simply impossible to create ever higher digital walls around global systems, with inputs and devices changing every second; hackers will always find new ways of attacking them. The ability of the Enterprise Immune System to self-learn and identify threats it has never seen before is what helps it stay one step ahead of hackers.
The company, launched in 2013, has seen meteoric take-up across all sizes of businesses and sectors since its first client, Drax, implemented the technology in November 2013. It now has customers in 60 countries and employs over 400 people globally, with a UK base of just over 200. The software engineering and mathematical modelling is undertaken in its Cambridge office.
The nominated team members are:
Jack Stockdale, CTO
Dave Palmer, Director of Technology
Matt Dunn, VP of Engineering
Alex Markham, Senior Technical Specialist
Dr Stephen Casey, Senior Principal Mathematician