Poppy Gustafsson: ‘The war on cybercrime needs AI’

‘We must reimagine our approach to fighting cyber attacks, and advanced technology plays a leading role.’
12 April 2019

Poppy Gustafsson, co-CEO of Darktrace. Source: AFP

How do you combat increasingly advanced, AI-driven cyber attacks? According to Darktrace co-CEO, Poppy Gustafsson, you pit machines against them.

“Attacks are already outpacing humans’ ability to combat them,” Gustafsson told TechHQ.

“Traditionally, if you wanted to break into a business it was a manual and labor-intensive process. But AI enables the bad guys to perpetrate advanced cyber-attacks, en masse, at the click of a button.

“We have seen the first stages of this over the last year – advanced malware that adapts its behavior to remain undetected,” she said. ”It won’t be long before we see full-blown AI-powered malware in the wild and we enter a true cyber arms race.”

According to Global Market Insights, the cost of a cyber attack cost large organizations US$10 million on average last year. As the threats become increasingly sophisticated, businesses are pressured to find more proactive forms of defense.

“Most approaches to cybersecurity focus on keeping the bad guys off an organization’s network, by looking at the signatures of historic attacks and building walls to prevent those attacks happening again,” said Gustafsson.  

“Firewalls and patching are important parts of basic cyber hygiene, but what about attacks that you’ve never seen before, or threats already inside the network?

Instead of focusing on the attacks of yesterday or trying to predict those of tomorrow, Darktrace has developed AI (artificial intelligence) that learns what’s normal for a business. It then uses this “pattern of life” to detect and fight back against anomalous behavior.

This program (or “autonomous response technology”) is called Antigena, and can actively defend a network without human intervention. In essence, the technology works like an immune system, identifying and dealing with threats as they emerge.

Gustafsson explained: Unlike humans, AI is always on.

“For human security teams, [Antigena] means that whether it’s late at night, the weekend, or they’ve stepped away for a break, they are confident that their entire digital infrastructure is protected.

“True artificial intelligence learns on the job and dynamically responds based on its self-learning, this is at the core of the Darktrace platform.”

Since founding just five years ago, when it was the only cybersecurity firm “talking about AI”, Darktrace has enjoyed phenomenal growth, now boasting 800 employees, 40 global offices and valuation of US$1.65 billion.

“That usually catches people’s attention,” Gustafsson said on the numbers, and it positions Darktrace as a leader in a market that continues to boom. Led by Gustafsson and CEO Nicole Eagan, and with 40 percent of its staff female, the company is also regarded as somewhat of a leading edge in terms of equal employment.

The cybersecurity industry is now worth US$120 million worldwide, on track to more than double within the next five years, growth symptomatic of both a sharpening awareness of online threats and the scale of the threat itself.

Following high-profile data leaks, such as that of Cambridge Analytica, as well as the added pressures of regulatory compliance such as GDPR, the financial and reputational costs of breaches should be well within business stakeholders’ eye-lines.

At the same time, attacks such as WannaCry and NotPetya have shown just how complex and damaging cyber attacks are becoming.

But, as both public and private sector companies embrace the latest advances in technology, the world is now more connected than ever. Businesses moving to the cloud, or using smart TVs to video conference colleagues around the world, has led to a richer field than ever before for attackers to exploit and mine.

“With new technologies like 5G and self-driving cars will come novel attacks, and with AI on the side of the attackers, it will be almost impossible for human defenders to keep up,” said Gustafsson.

The Darktrace customer-base spans all industry sectors— “from 20-person hedge funds, right up to FTSE 100 companies”— including financial services, charities and even critical national infrastructure, regardless of whether the business is predominantly based in physical environments or the cloud.

While the threat of increasingly complex, AI-powered malware looms, and the number and range of connected endpoints continues to proliferate, Gustafsson reminds that, when it comes to cybersecurity, the weakest links remain very much human.

Employees consistently create compromises by misaddressing emails, losing devices, and sending confidential data to insecure home systems.

“These mistakes can be very costly. Not to mention the risk from disgruntled employees with malicious intent. These attacks are difficult to detect, because the access and activities are coming from trusted users and thus fly below the radar of most detection technologies.”

As such, all companies should practice basic cyber hygiene, like regular patching, firewalls and anti-virus software, which— while no longer enough to fully protect an organization— remain “very important”.

However, when it comes to cybersecurity, organizations will need to trust emerging technologies to take control, as attacks are becoming too clever and stealthy to combat other than with other AIs,” Darktrace’s co-CEO concludes.

Poppy Gustafsson is a New Generation Award finalist in the Veuve Clicquot Business Woman Award 2019.