Rooted in design innovation, Arpa Industriale’s intellectual property, warehouses and customer data are its most valuable assets. Safeguarding these without negatively impacting manufacturing processes and operational continuity is a critical priority. However, as a medium-sized enterprise with a lean IT team, Arpa Industriale faced multiple challenges:

Visibility across the network: With a well-segmented network managed by strict firewall rules, Arpa had a solid foundation but lacked the granular visibility needed to identify subtle, potentially harmful behaviors. The IT team needed a tool to uncover hidden activities and provide actionable insights, with minimal manual intervention.

Preventing email-based threats: Phishing and malicious email links presented a persistent threat to Arpa’s business. The company needed a solution that would enhance its existing email security tools, providing reliable, autonomous protection without adding complexity to day-to-day operations.

Securing critical Operational Technology (OT) processes: Arpa’s production facilities rely heavily on OT systems that demand robust protection, without impacting processes. Any disruption could have significant repercussions, from operational delays to reputational damage.

Recognizing these challenges, Arpa adopted a proactive approach to cybersecurity, seeking an AI-driven solution capable of acting autonomously to support its lean IT team.

Arpa Industriale’s journey with Darktrace began in 2021, implementing Darktrace / NETWORK to bolster its threat detection and response capabilities. The onboarding process was smooth, with the SOC team quickly adapting to Darktrace’s features. The tool’s intuitive design and actionable insights allowed the team to respond faster to potential threats, improving overall efficiency. The solution also provided unparalleled visibility into the company’s network, enabling the IT team to proactively identify and address hidden activities.

“Darktrace gave us more awareness and knowledge about what’s happening in our network,” said Marco Cavallo, IT Manager at Arpa Industriale. “Even with just five minutes a day, the tool’s detailed reports help us analyze workflows and refine processes.”

The insights provided by Darktrace / NETWORK proved invaluable. The tool uncovered organizational patterns, enabling teams to address potential security issues, and take corrective action, before a major incident could occur, including unauthorized software use in violation of company policy.

The insights generated through the enhanced visibility also highlighted areas for optimization: “Thanks to Darktrace, we identified why a factory automation machine wasn’t working,” said Cavallo. “It was easy for us to reconstruct the communication attempts triggered by a specific command, and visualize that a server which had been shut down in response to the command was being queried.” For a company like Arpa, which already had robust network segregation and firewall rules, the added visibility allowed the team to proactively address potential vulnerabilities, enhancing overall security posture.

One of the key benefits of Darktrace / NETWORK was its usability. Even with limited time, the intuitive nature of the tool made it accessible to all team members, fostering a collaborative approach to cybersecurity. Simplified, low-friction processes, combined with automation of repetitive tasks are of significant benefit to security teams already struggling under the strain of alert fatigue, information overload and limited resources.

“Whether or not you’re understaffed, Darktrace provides value,” Cavallo said. “It reports significant events, and you can dive into the details when necessary.” For example, where traffic flow analysis is involved, Cavallo said: “It helps us to optimize and ‘clean’ some communications.”

Darktrace’s detailed reports gave the IT team the insights they needed to analyze workflows, refine processes and adopt a more proactive approach to security. The added visibility enabled the team to address potential vulnerabilities before they could become an issue, enhancing the overall security posture.

Enhanced email security that everyone can use: Darktrace / EMAIL

Email-based threats, such as phishing, are among the most common attack vectors in cybersecurity, and Arpa Industriale is no different. “It’s very important for us to protect against this,” said Cavallo. “We mainly see this as defence that must be kept high to avoid sensitive data breaches to third parties, financial fraud, or even ransomware. Emails from Darktrace during the proof-of-value phase showed how specific attacks were surgically blocked. We realized that other tools wouldn’t have detected these threats, which convinced us to proceed with the project.” To mitigate the risks, Arpa Industriale integrated Darktrace / EMAIL with its existing Microsoft email security tools.

Even with a primary email protection system in place, spam, phishing and other potentially dangerous messages were able to evade controls. “This is where Darktrace / EMAIL brilliantly comes in,” said Cavallo, “It produced additional blocks beyond our native controls, resulting in nearly perfectly clean mailboxes. The interface is intuitive, and the analysis is easy to understand. Everyone in the office can use it effectively.”

The tool’s ability to analyze and block malicious links provided an added layer of protection. The team appreciated the reassurance that Darktrace / EMAIL was continuously working to prevent everyday threats.

“Darktrace / EMAIL during the POV showed how specific attacks were surgically blocked,” Cavallo said. “We realized that other tools wouldn’t have detected these threats, which convinced us to proceed with the project.” - Marco Cavallo, IT Manager at Arpa Industriale

The inclusion of an anomaly score within the blocked email analysis proved especially helpful, allowing team members to quickly assess the severity of potential threats. This functionality not only streamlined threat management but also enhanced overall security awareness across the organization.

Securing Operational Technology with Darktrace / OT

With a large production aspect to the business, Operational Technology (OT) systems are a critical aspect of Arpa Industriale’s cybersecurity strategy. They needed a tool they could trust completely to secure everything, without a need for constant oversight or potential to disrupt processes.

Darktrace / OT provided comprehensive monitoring and analysis of OT environments, giving Arpa full visibility into critical operations.

“On the OT side, we trust Darktrace/ OT to do its job,” Cavallo said. “It’s essential to have a tool that monitors flows between IP addresses and ensures nothing goes unnoticed.”

Darktrace / OT reporting capabilities have been instrumental in maintaining a secure and efficient production workflow. The ability to oversee all environments through a single platform has simplified operations and improved collaboration between IT and OT security teams.

Seamless integration with SOC

Because Darktrace’s technology is familiar across the SOC, getting up to speed has been straightforward. “Darktrace is such a highly rated, well-known, and well-developed product that integrating it with the monitoring data sources in our SOC was simple and intuitive, much more so than other tools that required joint working sessions to be integrated into the SOC platform,” said Cavallo. “It goes without saying that Darktrace is a great added value in the SOC service, because its analysis is far more advanced than classic logs, providing more in-depth and clear results for SOC staff.”

Darktrace: aligning today’s needs and future plans

Arpa Industriale’s sees Darktrace as an integral part of its cybersecurity strategy today, and will keep a keen eye on new developments that align with their needs. The company plans to continue leveraging the tool’s capabilities to enhance SOC operations and stay ahead of evolving threats.

With Darktrace as a trusted partner, Arpa is confident in its ability to protect its digital assets while driving innovation and creating new design stories. The company remains committed to exploring new developments in Darktrace’s platform, ensuring its cybersecurity strategy aligns with its growth ambitions.