At a glance:
Senior executives targeted by sophisticated email attacks
Turned to AI email security for an additional layer of defense
Experienced drastic decrease in number of malicious emails reaching inboxes
Alleviated manual work for the security team
Extended Darktrace coverage to protect Azure environment
AI-Powered Email Security
Lighthouse Global handles sensitive legal data on a daily basis, and this demands the highest degree of protection. Recognizing that the vast majority of cyber-attacks start in the inbox, the security team sought an email security technology that could stop novel and sophisticated attacks that evaded their native security controls.
The organization had legacy tools and transport rules in place to fend off spam and recognizable threats, but senior employees were still being targeted by advanced spear phishing attacks containing links to fake login pages designed to capture their credentials, or posing as trusted contacts and asking the recipient to divulge sensitive information.
The team implemented Antigena Email, which analyzes emails in the wider context of the 'pattern of life' of the sender, recipient and wider business. It has reduced the number of malicious emails that land in the inbox to almost zero, taking a huge amount of pressure off the security team.
"Darktrace has greatly enhanced our ability to be proactive with email security," explained Jeffrey Ford, Senior Systems Engineer at Lighthouse Global. "We are no longer playing catch up and looking at individual emails. The ease of use of Darktrace has allowed us to better train up our team and there's no longer a huge learning curve to figuring out and digesting complex transport rules and other difficult ways of doing email security."
This AI-powered detection and response has become critical for Lighthouse Global in the email space, and the team have since rolled out the same approach to cover their Microsoft Azure cloud environment.
Protecting Lighthouse Global's Azure Environment
Lighthouse Global has undergone significant digital transformation in recent years, shifting from largely on-prem datacenters to Microsoft Azure. This has allowed for increased flexibility and efficiency among the workforce, but from a security standpoint has created new risks.
With their existing security tools, the security team had the huge daily task of triaging hundreds of alerts which came through from their cloud environment. Ford notes that Darktrace's AI takes on much of this heavy lifting: "Darktrace does that triaging for us, honing in on malicious behavior and making sure that potential high-priority situations like attempted account takeovers and ransomware incidents are put in front of us straightaway so that action can be taken."
With the more arduous tasks taken care of, the team has had time to be more proactive and particular with their security efforts, focusing on key vulnerabilities that pose a threat to the business.
Scaling with the Business
Lighthouse Global is a fast-growing organization currently processing around 10,000 emails every day. That expansion used to mean an increasingly unmanageable number of security alerts to deal with, risking alert fatigue and human error. Darktrace's Self-Learning AI is constantly evolving its understanding of Lighthouse Global's cloud and email environments, and continues to adapt to changes in the organization.
The team noted how seamlessly the technology adapted to changing email flows, while being able to consolidate large quantities of data with an intuitive and simple-to-use user interface. "Because the UI is so simple to use, the intimidating learning curve which we had come to expect from email security has vanished," explained Ford. "We've been able to quickly train engineers within the company to help out with security rather than hiring in more specialists as our operation expands."
For Lighthouse Global, Darktrace's AI has transformed cyber security into something which supports its growth rather than limits or suffers from it. With Self-Learning AI protecting their email and cloud systems, the security team are afforded extra time to focus on business needs.