Darktrace enters Asia Pacific security appliance market
By Keith Liu March 26, 2015
- Comes in as market is expected to register double-digit growth
- Its algorithms can determine potential threats before any harm is inflicted
THE increase in cyber-attack cases worldwide, particularly with high-profile breaches at Target and Sony Pictures, has resulted in companies scrambling to beef up their own IT infrastructure.
As such, business is booming for security appliances, devices with built-in software to protect companies from malware and security threats.
These boxes are typically easy to install on the company’s network and can be managed with minimum fuss.
IDC’s latest figures showed a double-digit shipment growth at 16.7% for the fourth quarter of 2014, while full-year revenue grew 8.4% to US$9.4 billion, with 2.1 million appliances shipped.
Out of that, 23.4% of the worldwide shipments went to the Asia Pacific region, excluding Japan, with the fourth quarter shipments growth at 32.1% year on year.
No surprises then, that emerging security vendors like Darktrace would look to target this region.
Riding on the back of a fresh US$18-million investment, the Cambridge, UK-based cybersecurity firm recently moved to expand its global reach, launching its Asia Pacific operations in Singapore in March.
With the teams for South-East Asia as well as Australia and New Zealand in place, the company’s Asia Pacific managing director Sanjay Aurora said it’s working to set foot in another important market.
“The next logical step is Japan; we are talking to distributors in Japan as well,” he said.
Darktrace’s technology hails from the University of Cambridge, using advanced machine learning and mathematical engines based on Bayesian inference to analyse and understand the behaviour of devices and users that are connected to the network.
Its management team consists of former executives from UK software firm Autonomy (acquired by Hewlett-Packard in 2011) as well as specialists from the US National Security Agency and the British MI5 (Military Intelligence, Section 5).
The appliance, which essentially connects to the IT system as a clean slate, will learn everything there is to know about the company’s network, including typical packet flow and user behaviours, the company says.
The captured data is then linked to around 300 points of references around network behaviour.
With this ‘intelligence’ and awareness of its ‘self,’ the system uses algorithms to predict future behaviours and determine what is considered usual or safe, or what would be considered abnormalities.
Its ‘condition’ is then displayed through an interface called ‘Threat Visualizer’ which provides a detailed overview of the entire network, including connectivity to external sources.
Any potential anomalies that show up can be screened by security officers or analysts for further action. As such, Darktrace claims the solution can analyse and determine potential threats to the network before any harm is inflicted.
“The new approach to cybersecurity is awareness and education, and to be able to detect things that are not news yet,” said Sanjay.
“Everybody will do the signature and rules-based and walls and locks-based system, but getting in early, detecting abnormalities, will become a very critical piece of the infrastructure going forward,” he argued.
As such, Darktrace isn’t expecting traditional security measures to go away – but it believes that its ‘enterprise immune system’ technology provides a way to overcome the current challenges in safeguarding the network based on policies and known threats.
The company also believes that this type of solution helps to address threats from inside the organisation, which experts believe is equally as dangerous, if not more dangerous, compared with external threats.
Hybrid distribution model for APAC
With the high number of small and medium businesses in this region, Darktrace is looking at a hybrid approach to its sales distribution.
Aside from taking the direct sales model, it is working with large scale partners like BT Security as well as managed service providers to market its appliance, which is available in three sizes, depending on the customer’s network requirement.
Citing an example of a customer with only 15 employees, Sanjay (pic above) said, “Small and medium-sized organisations … are as vulnerable as the big ones.
“Our technology, because it’s available in a smaller box, does not require a rocket scientist to run – it self-learns and provides us with the ability to offer cyberthreat solutions to the entire camp,” he added.
But make no mistake, this is not a hands-off approach to security. A trained analyst still needs to be available to make sense of the warning signals and information that comes through, especially on the Visualizer.
Darktrace believes this is where managed service providers can come in to support companies that don’t have the resources to respond to the threats that are looming.
“Even a florist who does online business, they have your information and my information. While we think – are the banks secure or not – but if the florist is not secure, it is still a problem.
“How we get that awareness all across the spectrum is a big the challenge. So I think the problems will multiply, the problems will compound, and the nature of the problem will become more and more unknown,” Sanjay warned.
It may sound a tad alarmist, but security experts all seem to agree on this point – that cybersecurity should be a top priority for companies moving forward, as the risks these days to a company’s reputation, brand and bottom line are far too large to ignore.
Govt malware, insider threats to dominate security landscape: CyberArk
Data breaches continue to dominate threat landscape: Trend Micro
HP gets serious about security, controversial Autonomy deal bearing fruit
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.