This article was published on March 23, 2020

Darktrace’s co-CEO on trusting AI to fight cyberattacks on our behalf

Darktrace’s co-CEO on trusting AI to fight cyberattacks on our behalf

When Darktrace launched in 2013, the world of cybersecurity was an entirely different landscape.

“Today, we are used to hearing about artificial intelligence. Six years ago, the idea that you simply couldn’t keep all the bad guys out and that companies needed an AI-powered digital immune system to defend against attacks was radical,” Poppy Gustafsson, co-CEO of Darktrace, tells Growth Quarters.

Fast-forward several years and Darktrace has become of the leading players in the cybersecurity space, in part due to Gustafsson going against the worst advice she ever received: Being told not to do something in a certain way because it went against convention.

[Read: Reinvest and obsess: How BlaBlaCar became a European tech unicorn]

Darktrace’s proprietary technology has of course played a part too. Its Enterprise Immune System technology detects novel attacks and insider threats at an early stage.

Interestingly, the technology is modelled on the human immune system. It can, Darktrace claims, spot the subtle signals of an advanced attack without having to rely on rules, signatures, or prior assumptions.

The tech leans on unsupervised machine learning and AI to understand an organization’s inner structure. It observes users and devices, cloud containers, and workflows — essentially learning what ‘normal’ looks like for every company.

Creating trust and humanizing the product

Darktrace must be doing something right. It reported earnings of €72 million ($78 million) in revenue for the year ending June 2018, up from €37 million ($40 million) the previous year.

Then, in September of that same year, the company joined the highly coveted tech unicorn club with a valuation of €1.5 billion ($1.65 billion.)

But as most entrepreneurs will know, Darktrace’s trajectory hasn’t always smooth sailing.

Changing the perspective of the entire industry was a challenge, Gustafsson says.

“We had to take our customers on a journey to get them to the point where they would trust algorithms to fight back against attacks on their behalf,” she adds, noting how she had to hone her storytelling skills to communicate the technology’s capabilities in a way that made sense to the outside world.

Creating trust around a product and humanizing it are crucial steps for entrepreneurs to take when they’re entering a new market. To overcome this, Darktrace built trust mechanisms into the technology — allowing organizations to first only turn on the AI when they weren’t in the office and slowly build up to give the tech full autonomy.

Tackling challenges head-on

There’s no denying AI‘s transformative potential and the ways in which it’s already safeguarding companies and their data. However, things aren’t always what they seem.

“Many organizations claim to be using artificial intelligence. In reality, they are using basic automation to recreate legacy approaches: They are automating the writing rules and signatures based on historical attacks,” Gustafsson adds.

This approach, the co-CEO notes, is inherently flawed because the cyber threat landscape is ever-evolving and growing in sophistication.

[Read: This AI system predicts air pollution before it happens]

There’s clear evidence that hackers are using AI to intensify their attacks, and this, Gustafsson says, will be the biggest challenge the technology will have to endure in the coming years.

However, this could also be the biggest opportunity for companies operating in this niche and entrepreneurs seeking an entry-point into the market.

“If the threat vector rapidly shifts to adversaries using AI in their attacks, this could change the landscape of the entire marketplace. It will quickly become a war of algorithms, and we see ourselves on the front line of defense,” she adds.

Gustafsson sensibly points out that “we can’t bring humans to a machine fight,” and this, she adds, is a reality the industry has already come to terms with.

Although AI is already taking on more higher level human thought processes, for example, in threat investigation, Gustafsson says we’re only just scratching the surface.

Gustafsson envisions a future where red teaming — the practice of rigorously challenging plans, policies, systems, and assumptions by adopting an adversarial approach — and cyber risk analysis are both driven by AI.

“There is so much more we are yet to achieve,” she concludes.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with