Differentia Consulting
Darktrace has enabled Differentia Consulting to migrate to a pure cloud architecture.
The Challenge: A Cloud-First Strategy is Difficult to Protect
As an innovative IT firm, Differentia is 100% cloud based, deploying Office 365, Box, Azure, and AWS to improve efficiency across all areas of the business, from office productivity to data management. However, their entirely cloud-based enterprise means their potential attack surface is ever-increasing, and conventional, perimeter-based security tools are rendered ineffective.
“Organizations that adopt a cloud first strategy such as ours become exposed to a whole set of risks that simply can be avoided with deployments within a dark environment,” said Differentia Consulting.
Differentia also found its employees and SaaS users were increasingly vulnerable to impersonation attacks and phishing campaigns. The firm had previously been able to manage this threat with a rules-based approach to email security, alongside traditional filtering tools. However, as threat actors launched increasingly sophisticated attacks that bypassed existing defenses and gateways, phishing campaigns were able to deceive users. This presented too high a risk to the organization and became a primary issue for the Differentia team.
AI Defends Against Threats Across the Enterprise
Differentia Consulting deployed the Darktrace Immune System and Antigena Email to protect its digital infrastructure. Cyber AI detects anomalous behavior anywhere it arises, from the firm’s integrated cloud services, to endpoints, to data ingress and egress, or in user inboxes. Darktrace’s coverage has even allowed the firm to make important digital transformations as they implement new tools and platforms.
In particular, Differentia Consulting have found that attackers have been targeting employee inboxes. At the start of the pandemic, they saw thousands of suspicious COVID-related domains created in an effort to trick users. After deploying Antigena Email, they found these attacks do not even reach the company in the first place and as a result, users no longer have to keep email rules, deny lists, or allow lists as Darktrace deals with the threat before users are engaged, saving significant system administration time.
Darktrace also gives Differentia a full view of its endpoints—providing access details like location and duration—across its services.
“What Darktrace does is truly show the extent of the corporate digital footprint and all the digital interactions that occur,” said Differentia. “It then does an amazing job of determining which of these might pose a threat.”
Using Autonomous Response to Fight Back Against Ransomware
Being a managed service provider, Differentia has insights into the severe damage ransomware attacks cause, able to cripple businesses in a matter of minutes. To defend against this threat, they needed a technology able to respond faster than humans; Darktrace Cyber AI was deployed, helping them stay one step ahead.
Darktrace autonomously detects and stops fast-moving threats seconds after they emerge. This deployment provided Differentia with an immediate return on investment, saving costs on point tools and other risk mitigation strategies as well as uplifting their team by enabling them to focus on higher-level tasks.
“Darktrace is only one of the solutions that we employ to help keep our systems secure, however it is the one that we could not do without,” said Differentia Consulting. The firm was introduced to Darktrace technology by partner Databox 360.
We knew Antigena Email was right for us when, as if by magic, all the junk-mail ended up in the junk folder and all the legitimate email was where it should be, in the inbox.