When SVP and Chief Digital & Technology Officer George Ho joined Aviso a year ago, he shared Aviso’s vision that technology should be a catalyst for growth and competitive advantage. They saw digital transformation and modernization as strategic opportunities to differentiate their offering and add value to the client experience. Today, Aviso is building a technology-enabled, client-centric wealth management ecosystem to help clients drive revenue and unlock strategic growth opportunities. To protect its clients’ assets and their customers, Aviso relies on the Darktrace ActiveAI Security Platform for cyber resilience. With over 20 years of experience within the financial services industry, Ho oversees Aviso’s strategic technology roadmap and guides the digitization of Aviso’s products, processes and services.  

“We are in the business of trust, keeping Aviso’s network, systems and data secure is a vital component to our overall growth journey,” said Ho.  

Like most businesses facing a rapid increase in cybersecurity threats, Aviso’s skilled analysts were bogged down by manual processes and an overwhelming volume of alerts. Aviso sought Ho’s technology and cybersecurity expertise to address these immediate challenges and to transform the organization’s approach to cyber resilience to drive impact across the organization and into the future.  

‍

Ho joined Aviso knowing there was an opportunity to increase the level of protection that their existing cybersecurity tools–including a native email solution and a security information and event management (SIEM) system for logging and monitoring– were providing. He quickly got to work, collaborating with numerous stakeholders to develop a sophisticated cybersecurity strategy designed for the digital age. Central to that strategy would be a modern threat detection and response solution that could deliver full visibility and transparency 24x7x365 automated monitoring, faster and more comprehensive threat detection to enable quicker triage, and autonomous response capabilities to drive greater efficiency within his team.  

Ho had worked with Darktrace in the past and knew the platform could meet Aviso’s ambitious needs. After conducting a Proof of Value and side-by-side comparison, it was clear that Darktrace significantly outperformed Aviso’s existing security controls. Confident that Darktrace could deliver the visibility and automation Aviso needed to strengthen its cybersecurity strategy while also improving efficiency and productivity, the organization chose:

• Darktrace / NETWORK and / ENDPOINT for network detection and response

• Darktrace / IDENTITY for identity management

• Darktrace / EMAIL for email security

Darktrace’s comprehensive visibility, Self-Learning AI and automation capabilities were critical factors in Aviso’s decision to choose Darktrace.  

Self-Learning AI and autonomous action

During the Darktrace proof of concept, the evaluation team saw firsthand how Darktrace Self-Learning AI automatically detects potential threats using Aviso’s own data, autonomously investigates those potential threats–significantly saving analysts’ time, and then take precise autonomous action to neutralize them. Darktrace Self-Learning AI is unique because it is trained on an organization’s own data vs. large public data lakes. Rather than learning what an attack looks like, Darktrace Self-Learning AI looks for activity that is unusual based on an organization’s typical operations. Any activity that deviates from the normal baseline signals a possible threat.  

“Our Chief Information Security Officer was initially skeptical,” said Ho. “But he was so impressed with Darktrace and its AI capabilities that he advocated for adding additional services like Darktrace / ENDPOINT to the contract.”

Visibility across all environments

Aviso wanted a single solution that could protect its on-premises and cloud environment and provide analysts with quick and comprehensive insights into all activity. One of the things Aviso’s team found most useful is Darktrace’s single pane of glass. Analysts can view all of Aviso’s data – regardless of environment – on a single screen. “We don’t have to switch from solution to solution. The information is all there, in one location, giving us a holistic view across the enterprise,” said Ho.

While still in the early stages of using the new platform, Aviso is already realizing significant benefits with Darktrace.  

Faster and better threat detection and response

When Aviso compared Darktrace to its previous SIEM and email solutions, the results were exciting.

• Aviso tracked 6.7 billion network events in one month using Darktrace.  

• Of those events, Darktrace investigated 23 million alerts, saving Ho’s team an estimated 1,104 hours of manual investigation.  

• When comparing Darktrace automation to its previous SIEM, Darktrace flagged 73 potential threats for investigation, autonomously investigating and responding to the majority of those threats. Their previous SIEM solution flagged just 11 potential threats, and Aviso’s analysts had to manually investigate and respond to all of them.  

• While Aviso’s SIEM did not find any critical incidents, Darktrace identified eight.

• Aviso’s native email security filtering capabilities took action on just 13,125 emails vs. Darktrace / EMAIL, which successfully took action on an additional 18,000, for a total of 31,125 emails.

“The stats alone show that we are detecting, investigating and responding to far more incidents than we did with our existing solutions. Darktrace is detecting 100% more critical incidents on the network and more than twice as many potentially malicious emails versus our previous solutions. Not only is Aviso far more secure, but we are also more efficient – that’s a lot of incidents we don’t have to review manually, and a lot of emails people don’t have to read,” said Ho.  

Cyber resilience and greater efficiency

Today, Darktrace monitors Aviso’s entire environment 24x7x365 using AI-driven insights to automatically detect and determine potential threats on its own and take autonomous action when needed. Darktrace Cyber AI Analyst autonomously investigates every alert, connecting seemingly benign events to correlate related activities and alerts into a single incident – all without the need for human intervention. Thousands of alerts investigated are paired down to only a few critical incidents that require human investigation. Darktrace Cyber AI Analyst drastically reduces Aviso’s Mean Time to Recovery by recommending actions unique to each incident and assisting Aviso’s security team in fixing malicious items and restoring affected assets to a pre-incident state.  

“Darktrace has significantly reduced the time we spend investigating events,” said Ho. “This means Aviso’s analysts can now focus on more proactive and strategic areas like vulnerability management and continuing to enhance business practices in other areas such as service, operations and compliance.”

Having his team trained through the Darktrace Certification Program has also been a key factor in their success.

“It has enabled us to leverage our investment in Darktrace and maximize the results,” said Ho. And, if they need additional expertise or support, they can contact a Darktrace SOC analyst who will quickly answer questions and help them investigate and triage. While Aviso hasn’t needed to respond to any serious security threats since using Darktrace, Ho said it gives them “peace of mind knowing that while we can’t monitor our systems 24x7x365, Darktrace can.”

Empowering Aviso’s business and its clients

Aviso’s robust, modern cybersecurity strategy is a massive competitive differentiator for several reasons:

1. Increase Risk resilience: Nothing can cause more damage to an organization than a serious cyber-attack. A single attack could simultaneously cost millions of dollars in fines, lost revenue and decreased stock value; severely disrupt business operations; cause irreparable reputational damage; scare away investors; and motivate customers to move their business to a competitor.  

2. Builds confidence in business practices: Customers, partners and investors are more likely to engage with a company that demonstrates strong cybersecurity practices, opening doors to collaborations and new opportunities.

3. Strengthens Foundation for innovation and growth: By embedding cyber resilience into their core strategies, organizations can create an environment where creativity, growth and opportunity flourish. Knowing their digital systems are protected gives organizations the resources and confidence to pursue bold initiatives, adopt emerging technologies and unlock new revenue streams.

Protecting the businesses that protect investors

Aviso knows not all clients have the cybersecurity expertise and resources to implement a full cyber resilience strategy. To help its financial services partners become more proactive with their cybersecurity while keeping costs down, Aviso is exploring the idea of providing a portfolio of cybersecurity services to its clients, powered by technologies like Darktrace, to create a financial services landscape that is safer and more innovative for every business.