Abdullah Al Othaim Investment (AOIC) requires dynamic security to protect its range of businesses spread across a number of cities. After looking for a new solution to meet its challenges, it implemented Darktrace / NETWORK to support the organization in monitoring its cloud environment and extended its protection to Darktrace / EMAIL in 2023.

Darktrace’s AI can be brought to anywhere a company has data, and immediately begins to learn the connections, relationships, and patterns between devices and users. With this understanding, Darktrace Real-Time Detection can identify the subtle deviations in behavior that could signal a cyber-attack and Darktrace Autonomous Response will act to disarm the threat within seconds.

It was this Self-Learning AI approach, rather than learning from historical attack data, that attracted AOIC to Darktrace. “It gives the Directors confidence that Darktrace is equipped to handle the evolving threat landscape, helping us stay one step ahead of emerging cyber threats,” said Hasan Ahamed, IT Infrastructure Head at AOIC. As AOIC’s business expands, Darktrace adapts to its growing digital environment with its ever-evolving understanding of ‘normal’ for the organization.

AOIC operates across a number of cities in the Kingdom of Saudi Arabia, meaning that the team travels frequently and make frequent use of the Darktrace Mobile App. “The Darktrace Mobile App means I can monitor and receive alerts on the go, and being able to control Autonomous Response actions remotely gives us an additional layer of protection out of hours,” commented Hasan.

“We have ambitious plans to scale our multi-city business and our cybersecurity needs to reflect these ambitions. Darktrace watches our backs 24/7 to ensure our digital environment and email infrastructure is protected, allowing our IT team to focus on core business.” – Dr. Mazen Khalil, Group IT General Manager

In an era where cyber-attacks are growing increasingly sophisticated, AOIC wanted an always-on, autonomous solution that could augment its lean security operation and fill a cybersecurity skills gap in the team.

Darktrace continuously analyzes billions of data points from sources across the network in real time to discover anomalies. It communicates its findings to the security team in digestible alerts, reducing the security team’s time-to-meaning. Because it doesn’t depend on rules and signatures updated by humans, or on threat intelligence, it is able to identify and contain potential threats that the security team wouldn’t know to search for.

“Having Darktrace in place means that I can focus on the server and the rest of the security architecture,” said Hasan Ahamed. “It gives my team peace of mind and takes care of the low-level analysis so we can focus on higher-level work.”

Since AOIC is operating with a lean team, strong customer and technical support is critical to ensuring that its deployment is fit for purpose and in helping it extract maximum value from its products. AOIC worked closely with Darktrace’s 24/7 technical team to fine-tune its models and continue to assist in implementing new features and integrations.

“Darktrace offers a high level of support, including on-demand training which has been helpful in getting us to grips with the platform. We’ve been fully supported from the contractual phase throughout the implementation and configuration of the solution,” said Hasan.

For AOIC, adding email protection to its Darktrace / NETWORK deployment was a no-brainer. Having previously used a gateway-style solution, the team found that too many email threats were penetrating its defenses, with impersonation attacks posing a particular problem. In addition, the tool was resource-intensive to update, with a requirement to regularly fine-tune policies as well as a lengthy manual process to release false positive emails.

In contrast, Darktrace / EMAIL applies Darktrace’s signature Self-Learning AI to the inbox for a hands-off approach to email security. By using its understanding of ‘normal’ for every user, it protects against phishing attacks, malware, spam, and data loss without being limited to historical attack rules and data.

Since implementing Darktrace / EMAIL, AOIC has seen a better rate of detections and fewer false positives. Bringing / NETWORK and / EMAIL together has given AOIC a greater understanding of which emails belong in the organization, improving accuracy from day one. Where the security team previously had to log into the VPN to release emails, it can now perform these functions from within the Mobile App.

“Because the AI is constantly learning and acting to prevent malicious or unwanted emails, it saves the security team time updating policies and the easy-to-use dashboard allows us to track our status at any time,” commented Hasan.

“As phishing attacks become increasingly sophisticated and convincing with the help of tools like generative AI, we’re pleased to have Darktrace’s AI on side to help us fight back and protect our diverse range of businesses.” – Dr. Mazen Khalil, Group IT General Manager