Blog

Email

Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk Management

Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk ManagementDefault blog imageDefault blog image
03
Feb 2023
03
Feb 2023

As the Director of ITIS for a credit union in the American Pacific Northwest, I know that if malware breaches our internal systems, it will debilitate us and affect the financial wellbeing of our 10,000 members. 

My security team must protect our cyber infrastructure, including our online banking, internal network, and employee email systems. As part of that effort, we are tasked heavily by the Credit Union National Association (CUNA) and the federal government to follow specific, regularly changing standards for our IT security. 

To meet those compliance standards, we deployed Darktrace. Once its AI learned our digital landscape, we could customize the settings to react in specific ways that adhere to compliance frameworks, and we can easily adapt to all changes that we’ve seen.

Darktrace learns the usual behavior of every device and user within our digital landscape. It then uses this understanding to identify threats within seconds and make autonomous, precise decisions that neutralize attacks without disrupting our operations. 

Since we have five locations with hundreds of computers, servers, and switches, I don’t have the capacity to watch every system. However, using network mapping and traffic moderating capabilities, Darktrace gathers all the information I could need. It then generates clear, detailed reports through Explainable AI. 

With its autonomous capabilities, Darktrace helps us stay compliant and stop attacks faster and more reliably than humans, saving my team both time and money. 

Stopping Email Threats with Nuanced Interventions

In my experience, most breaches happen through email. I can control most web traffic with firewall rules and third-party tools. I can’t control, however, if a user clicks on something in a malicious email. 

Darktrace/Email uses AI to identify and stop malicious email activity before it ever reaches a user’s inbox. It can take more detailed actions beyond merely allowing or blocking emails. Instead, it will neutralize the threatening components of emails. I especially love its ability to flatten any attachment into a PDF. 

Since deploying Darktrace, I haven’t had a security breach that I couldn’t explain or fix. Darktrace has even blocked malicious emails that made it through my outside spam folder and internal exchange filter. 

The metrics it provides internally are amazing, too. I can tell who’s moving files, where they’re moving files, what files they’re moving, if they are plain text passwords or shares or other sensitive information. At a glance, Darktrace does everything that would take me hours to trace down. 

With this comprehensive visibility, we’ve started using Darktrace/Email in some unique ways. For example, we pull Darktrace’s metric breakdown of email traffic and feed it into a datamining program to see the efficacy of our marketing email campaigns. 

Beyond the metrics, Darktrace’s ability to autonomously respond to threats gives me peace of mind. I have a machine that watches our email and network around the clock. Beyond stopping breaches from originating in our email systems and shutting down malicious activity in our network, Darktrace brings our email and network data together to make its AI even smarter. I know that when we fall victim to a cyber-attack, Darktrace will handle it. 

Preempting Attacks by Understanding Our External Footprint

External footprint monitoring is an integral part of internal security because detecting and stopping an attack once it is launched is one thing, but being able to preempt an attack is even better. That’s why I deployed Darktrace PREVENT/Attack Surface Management™ (ASM) as soon as I could. It enables me to take a proactive approach and minimize risk before an attack ever occurs. 

PREVENT/ASM generates objective reports based entirely on my unique footprint. It took only 10 days from its implementation until it identified all the assets that were out there, including some we weren’t aware of. 

Now, two months later, it continues to monitor our ever-changing attack surface, informing us of vulnerabilities such as shadow IT, misconfigurations, and brand abuse. When it identifies threats, it generates digestible reports that I pass along to our third-party contractor to handle.  

However, PREVENT’s power is amplified when paired with Darktrace DETECT™ and Darktrace RESPOND™. These three tools work together in the Cyber AI Loop™ to harden our entire security stack.  

Since PREVENT can see potential avenues of attack in advance, the Loop can leverage this data to increase sensitivity in DETECT and RESPOND around these critical access points and inform my security team where to prioritize our resources to have the highest impact.

It’s hard to choose which capability of Darktrace has helped my team the most, because with the feedback loop, I now think of it holistically. Darktrace simply provides the value that I’m paying for, and I’m glad that I have it. As far as security software goes, it’s probably the slickest piece of software I’ve seen in my life, and I’ve been doing this for 30 years. 

My advice to other financial institutions is that if you don’t have an AI security system, you need it. Threat actors have started using AI in their attacks, so we need to use AI to protect against them. Otherwise, it’s like fighting a jet plane with a rock and a stick. With this proactive approach, especially with PREVENT, Darktrace is working all the time to protect our digital estate, harden our security posture, and meet our compliance standards. 

Darktrace’s free Proof of Value gives you the opportunity to speak directly with a Darktrace customer in a 1-1 reference call. Start a trial today.

More in this series:

No se ha encontrado ningún artículo.

¿Te gusta esto y quieres más?

Reciba el último blog en su bandeja de entrada
Gracias. Hemos recibido su envío.
¡Ups! Algo salió mal al enviar el formulario.
DENTRO DEL SOC
Darktrace son expertos de talla mundial en inteligencia de amenazas, caza de amenazas y respuesta a incidentes, y proporcionan apoyo al SOC las 24 horas del día a miles de clientes de Darktrace en todo el mundo. Inside the SOC está redactado exclusivamente por estos expertos y ofrece un análisis de los ciberincidentes y las tendencias de las amenazas, basado en la experiencia real sobre el terreno.
AUTOR
SOBRE EL AUTOR
Director of ITIS
Finance (Guest Contributor)
share this article
Cobertura básica
Este artículo
Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk Management
Compartir
Twitter logoLinkedIn logo

Artículos relacionados

No se ha encontrado ningún artículo.

Buenas noticias para su negocio.
Malas noticias para los malos.

Inicie su prueba gratuita

Inicie su prueba gratuita

Entrega flexible
Puedes instalarlo virtualmente o con hardware.
Instalación rápida
Sólo 1 hora de instalación - y aún menos para una prueba de seguridad del correo electrónico.
Elige tu viaje
Pruebe IA de autoaprendizaje donde más lo necesite, incluyendo la nube, la red o el correo electrónico.
Sin compromiso
Acceso completo al visualizador de amenazas Darktrace y a tres informes de amenazas a medida, sin obligación de compra.
For more information, please see our Privacy Notice.
Gracias. Hemos recibido su envío.
¡Ups! Algo salió mal al enviar el formulario.

Obtenga una demostración

Entrega flexible
Puedes instalarlo virtualmente o con hardware.
Instalación rápida
Sólo 1 hora de instalación - y aún menos para una prueba de seguridad del correo electrónico.
Elige tu viaje
Pruebe IA de autoaprendizaje donde más lo necesite, incluyendo la nube, la red o el correo electrónico.
Sin compromiso
Acceso completo al visualizador de amenazas Darktrace y a tres informes de amenazas a medida, sin obligación de compra.
Gracias. Hemos recibido su envío.
¡Ups! Algo salió mal al enviar el formulario.

Check out this article by Darktrace: Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk Management