Darktrace: 85 per cent of high-risk vulnerabilities unpatched after a week

AI-security firm explains the benefits of organisation-centric security

Darktrace spoke at the IT Leaders Festival 2022

Image:
Darktrace spoke at the IT Leaders Festival 2022

The best way to protect yourself from cyber attacks is organisation-centric security

That's according to Darktrace, speaking at Computing's recent IT Leaders Festival 2022. Elliot Stocker, product marketing manager at Darktrace, explained that his firm's tools work to understand what's normal at customer organisations.

"We go into an organisation to work out what 30% of their environment they most want to protect, because that's why hackers will most be looking for.

"Our AI system understands normal behaviour in every organisation, because that can be a known, whereas the potential attackers are unknown. And AI can do that at scale, which is very hard for humans trying to assess behaviour across an entire estate."

According to Stocker, the key concept is that it's organisation-centric.

"We're not looking at threats we've seen in the wild then adapting to them, we're learning your patterns of behaviour so we know when something's abnormal and potentially the result of an attack."

This is highly necessary, Stocker continued, because security vulnerabilities often take a long time to be closed off.

"According to our research from July 2022, 85% of high-risk vulnerabilities are not patched within the first week. And 70% are still unpatched after a month," he added.

Whilst extolling the virtues of AI, Stocker emphasised that people are still needed.

"We always have a human in the loop, it's not just the AI operating alone. But having said that, the AI does free up a lot of time in the security chain."

He also discussed security awareness training, explaining how it can be improved by the AI's period of learning within the organisation.

"After our tool has been within the organisation learning its patterns, we know it well. So instead of sending a blanket, standard email around awareness training to everyone, we can personalise it. For instance we'll know that two people have been chatting about rugby over email or messaging, so we can attempt a white-hat phishing attack offering rugby tickets, using natural language processing.

"That can make it far more impactful."

Day two of the IT Leaders Festival will take place online on Tuesday 11th October.