Founded in 2013 by mathematicians and former American and British spies, Cybersecurity company Darktrace uses artificial intelligence (AI) to help companies and organizations defend their computer networks. CEO Nicole Eagan says the ability of technology to autonomously protect systems is key to keeping pace with advanced cyberthreats.
CyberScoop: Artificial intelligence, which your company focuses on, has become a buzzword in the cybersecurity industry. What big problem does it solve?
Nicole Eagan: What’s going on in cyber right now, there’s really a broad range of different types of attacks. So you’ve got, on the one hand, very fast-moving attacks, sometimes attached to things like ransomware. And those literally can happen so quickly that it’s hard for human security teams to keep up. Literally, you could have an attack spread to a company and within a time span of two minutes, you could have a large percentage of your laptops and connected devices locked up and frozen.
On the other hand, though, you’ve got some very sophisticated attacks, ones that the nation-states usually refer to as “low and slow.” And those are so silent and so stealthy, that they’re equally hard for human teams to detect because, of course, the whole goal of that type of nation-state-level attack is to go undetected for as long as possible so you can garner as much information as possible.
And so clearly things are … missed by human security teams, even the best of the teams. And that’s one of the reasons we feel that AI really can make a big difference.
CS: How are the algorithms that underpin AI different than generic algorithms?
NE: One thing to think about with AI is this whole emerging area called autonomous response. And what that means is that the AI not only gets smart enough to detect the threats, but to actually take autonomous action. And that’s where I think you can really see things like artificial intelligence change the whole game.
CS: You employ a number of former British and American intelligence officials. How does that improve the quality of your work?
NE: That combination of having folks from the intelligence community, combined with the approximately 30 Ph.Ds in math machine-learning we have, those two groups really make a big difference in the quality of our solution and its ability to detect these unknown threats.
The [former] intelligence community folks work hand-in-hand, side-by-side with our mathematicians and machine-learning experts. And I think they bring a lot of real-world perspective and know-how. In addition to that, we actually have built in the capability where our customers can directly work with those threat analysts.
CS: What’s an industry that has been a surprise for you, where AI has gained traction in a place that maybe you didn’t expect it to?
NE: I think one that, to me, was a really pleasant surprise was the whole area of biotech, and within that specifically, genomic analysis. There’s such an amazing amount of work being done even using AI to analyze rare childhood diseases, mainstream diseases, cancer, and so forth, by doing genomic analysis. And we saw early adoption of Darktrace’s technology in that sector. And that’s been a combination across medical research facilities, nonprofit facilities, as well as venture-capital-funded genomic businesses.
So that, to me, has been … really important and really reassuring because you’d hate to see decades of progress in that area go by the wayside if there was an attack. … The reason I think that’s so critical: people talk about the OPM breach where fingerprints were taken, and one of the reasons for that is fingerprints obviously are unique identifiers, they’re very personal. But also, there are all kinds of use cases for fingerprints that maybe we haven’t even thought of yet. Well, you take that a step further and just think about DNA. If someone’s DNA is hacked, what could the long-term ramifications be not only for them, but for their family members?
CS: What role does AI-driven defense have in a private sector beset by nation-state-sponsored cyber operations?
NE: One of the reasons we actually founded Darktrace is the folks that came out of the [intelligence] community were very aware that critical infrastructure was in many cases being run by the private sector. And the battlefield therefore was shifting, where it was now not just nation-state against nation-state, but it could be nation-state against a midsize company that had interesting intellectual property. So as that battlefield shifted to the inside of company networks, we felt it was paramount that this level of AI and threat detection and autonomous response be brought be brought to the private sector, and to all-sized companies.