Abdullah Al Othaim Investment

Abdullah Al Othaim Investment (AOIC) requires dynamic security to protect their range of businesses spread across a number of cities. After looking for a new solution to meet their challenges, they implemented Darktrace/Network to support the organization in monitoring its cloud environment and extended their protection to Darktrace/Email in 2023.

Darktrace’s AI can be brought to anywhere a company has data, and immediately begins to learn the connections, relationships and patterns between devices and users. With this understanding, Darktrace DETECT™ can identify the subtle deviations in behavior that could signal a cyber-attack and Darktrace RESPOND™ will act to disarm the threat within seconds.

It was this Self-Learning AI approach, rather than learning from historical attack data, that attracted AOIC to Darktrace. “It gives the Directors confidence that Darktrace is equipped to handle the evolving threat landscape, helping us stay one step ahead of emerging cyber threats,” said Hasan Ahamed, IT Infrastructure Head at AOIC. As AOIC’s business expands, Darktrace adapts to its growing digital environment with its ever-evolving understanding of ‘normal’ for the organization.

AOIC operates across a number of cities in the Kingdom of Saudi Arabia, meaning that the team travel frequently and make frequent use of the Darktrace mobile app. “The Darktrace Mobile App means I can monitor and receive alerts on the go, and being able to control RESPOND actions remotely gives us an additional layer of protection out of hours,” commented Hasan.

“We have ambitious plans to scale our multi-city business and our cybersecurity needs to reflect these ambitions. Darktrace watches our backs 24/7 to ensure our digital environment and email infrastructure is protected, allowing our IT team to focus on core business.” – Dr. Mazen Khalil, Group IT General Manager

In an era where cyber-attacks are growing increasingly sophisticated, AOIC wanted an always-on, autonomous solution that could augment their lean security operation and fill a cyber security skills gap in the team.

DETECT continuously analyzes billions of data points from sources across the network in real-time to discover anomalies. It communicates its findings to the security team in digestible alerts, reducing the security team’s time-to-meaning. Because it doesn’t depend on rules and signatures updated by humans, or on threat intelligence, it is able to identify and contain potential threats that the security team wouldn’t know to search for.

“Having Darktrace in place means that I can focus on the server and the rest of the security architecture,” said Hasan Ahamed. “It gives my team peace of mind and takes care of the low-level analysis so we can focus on higher-level work.”

Since AOIC are operating with a lean team, strong customer and technical support is critical to ensuring that their deployment is fit for purpose and in helping them extract maximum value from their products. AOIC worked closely with Darktrace’s 24/7 technical team to finetune their models and continue to assist in implementing new features and integrations.

“Darktrace offers a high level of support, including on-demand training which has been helpful in getting us to grips with the platform. We’ve been fully supported from the contractual phase throughout the implementation and configuration of the solution,” said Hasan.

For AOIC, adding email protection to their Darktrace/Network deployment was a no-brainer. Having previously used a gateway-style solution, they found that too many email threats were penetrating their defenses, with impersonation attacks posing a particular problem. In addition, the tool was resource-intensive to update, with a requirement to regularly finetune policies as well as a lengthy manual process to release false positive emails.

In contrast, Darktrace/Email applies Darktrace’s signature Self-Learning AI to the inbox for a hands-off approach to email security. By using its understanding of ‘normal’ for every user, it protects against phishing attacks, malware, spam and data loss without being limited to historical attack rules and data.

Since implementing Darktrace/Email, AOIC have seen a better rate of detections and fewer false positives. Bringing /Network and /Email together has given AOIC a greater understanding of which emails belong in the organization, improving accuracy from day one. Where the security team previously had to log into the VPN to release emails, they can now perform these functions from within the Mobile App.

“Because the AI is constantly learning and acting to prevent malicious or unwanted emails, it saves the security team time updating policies and the easy-to-use dashboard allows us to track our status at any time,” commented Hasan.

“As phishing attacks become increasingly sophisticated and convincing with the help of tools like generative AI, we’re pleased to have Darktrace’s AI on side to help us fight back and protect our diverse range of businesses.” – Dr. Mazen Khalil, Group IT General Manager