Seeing the attacks Antigena stopped that were otherwise getting through gave us the confidence to fully activate this for all of our userbase.
At a glance:
Phishing attacks and spoofing emails targeting the workforce
IT security team overwhelmed
Lack of visibility into their digital ecosystem
Email Security Challenges
Safeguarding sensitive customer data is imperative for data service providers like Calligo who are committed to delivering reliable and secure services to their customers.
During the rapid transition to remote working at the start of 2020, Calligo were targeted by an increasing number of phishing emails that its existing security tools were unable to stop, including fake invoices sent to the accounting team.
While effective at stopping spam and other low-hanging fruit, its legacy tools failed to catch the sophisticated and novel attacks increasingly targeting the workforce.
According to Mark Herridge, Calligo's CISO, "We had email protection in place prior to Darktrace but there were gaps.
We could catch standard malware that had been seen out in the wild previously, but we still had problems with phishing and spoof messaging, so we needed something that went beyond the gateway."
Fundamentally, Calligo required an email security solution that was able to provide better visibility across their vast digital ecosystem and, crucially, stop advanced email-borne threats that would otherwise go unnoticed – keeping their sensitive data safe.
Self-Learning AI: Stopping Email Attacks in Seconds
Having seen the results of autonomous AI cyber security across the rest of their digital ecosystem, Calligo decided to extend Darktrace's coverage to the email realm with Antigena Email.
Antigena Email takes surgical action to contain in-progress threats within seconds. The technology works by learning what is 'normal' for every user and detects anomalous emails that fall outside this learned 'pattern of life'. This contextual understanding of all email traffic allows the AI to spot advanced attacks signature-based tools miss.
When cyber-attacks arise, Darktrace takes autonomous and proportionate action to stop the threat while allowing business functions to continue as usual. Through its unique understanding of 'normal', Antigena Email identifies seemingly benign communications to be malicious, uncovering hidden payloads behind links or attachments, and stopping the threat in its tracks.
According to Herridge, "Our 30-day trial was enough time to give us a clear picture of email traffic across all of our users, and seeing the attacks Antigena Email stopped that were otherwise getting through gave us the confidence to fully activate this for all of our user base." The organization has since reported a substantial improvement in its email environment, with significantly fewer phishing and spoofing emails.
Antigena Email was installed in five minutes, cloud-delivered, and effective within hours, protecting Calligo's workforce from the full range of email threats, from advanced impersonation attacks to fraudulent payment requests. "It can be set up in minutes and you'll get value within the hour, with insights into patterns of behavior that you didn't understand or you weren't aware of. It really does turn the lights on.""
Augmenting the Human With Autonomous Investigations
In addition to protecting against novel and sophisticated email threats, Darktrace has helped augment the security team at Calligo with Cyber AI Analyst, which launches autonomous investigations at machine speed into every security event.
The capabilities of Darktrace Cyber AI Analyst add substantial value to Calligo's security stack, especially in its ability to launch on-demand investigations and query SaaS data at any time. According to Herridge, "The AI Analyst is sophisticated, but the intelligence it gives us is clear and actionable – even my newest and most inexperienced starters can use and learn from it on day one."
The intelligence Darktrace gives us is clear and actionable – even my newest starters can use and learn from it on day one.