Blog

이메일

Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk Management

Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk ManagementDefault blog imageDefault blog image
03
Feb 2023
03
Feb 2023

As the Director of ITIS for a credit union in the American Pacific Northwest, I know that if malware breaches our internal systems, it will debilitate us and affect the financial wellbeing of our 10,000 members. 

My security team must protect our cyber infrastructure, including our online banking, internal network, and employee email systems. As part of that effort, we are tasked heavily by the Credit Union National Association (CUNA) and the federal government to follow specific, regularly changing standards for our IT security. 

To meet those compliance standards, we deployed Darktrace. Once its AI learned our digital landscape, we could customize the settings to react in specific ways that adhere to compliance frameworks, and we can easily adapt to all changes that we’ve seen.

Darktrace learns the usual behavior of every device and user within our digital landscape. It then uses this understanding to identify threats within seconds and make autonomous, precise decisions that neutralize attacks without disrupting our operations. 

Since we have five locations with hundreds of computers, servers, and switches, I don’t have the capacity to watch every system. However, using network mapping and traffic moderating capabilities, Darktrace gathers all the information I could need. It then generates clear, detailed reports through Explainable AI. 

With its autonomous capabilities, Darktrace helps us stay compliant and stop attacks faster and more reliably than humans, saving my team both time and money. 

Stopping Email Threats with Nuanced Interventions

In my experience, most breaches happen through email. I can control most web traffic with firewall rules and third-party tools. I can’t control, however, if a user clicks on something in a malicious email. 

Darktrace/Email uses AI to identify and stop malicious email activity before it ever reaches a user’s inbox. It can take more detailed actions beyond merely allowing or blocking emails. Instead, it will neutralize the threatening components of emails. I especially love its ability to flatten any attachment into a PDF. 

Since deploying Darktrace, I haven’t had a security breach that I couldn’t explain or fix. Darktrace has even blocked malicious emails that made it through my outside spam folder and internal exchange filter. 

The metrics it provides internally are amazing, too. I can tell who’s moving files, where they’re moving files, what files they’re moving, if they are plain text passwords or shares or other sensitive information. At a glance, Darktrace does everything that would take me hours to trace down. 

With this comprehensive visibility, we’ve started using Darktrace/Email in some unique ways. For example, we pull Darktrace’s metric breakdown of email traffic and feed it into a datamining program to see the efficacy of our marketing email campaigns. 

Beyond the metrics, Darktrace’s ability to autonomously respond to threats gives me peace of mind. I have a machine that watches our email and network around the clock. Beyond stopping breaches from originating in our email systems and shutting down malicious activity in our network, Darktrace brings our email and network data together to make its AI even smarter. I know that when we fall victim to a cyber-attack, Darktrace will handle it. 

Preempting Attacks by Understanding Our External Footprint

External footprint monitoring is an integral part of internal security because detecting and stopping an attack once it is launched is one thing, but being able to preempt an attack is even better. That’s why I deployed Darktrace PREVENT/Attack Surface Management™ (ASM) as soon as I could. It enables me to take a proactive approach and minimize risk before an attack ever occurs. 

PREVENT/ASM generates objective reports based entirely on my unique footprint. It took only 10 days from its implementation until it identified all the assets that were out there, including some we weren’t aware of. 

Now, two months later, it continues to monitor our ever-changing attack surface, informing us of vulnerabilities such as shadow IT, misconfigurations, and brand abuse. When it identifies threats, it generates digestible reports that I pass along to our third-party contractor to handle.  

However, PREVENT’s power is amplified when paired with Darktrace DETECT™ and Darktrace RESPOND™. These three tools work together in the Cyber AI Loop™ to harden our entire security stack.  

Since PREVENT can see potential avenues of attack in advance, the Loop can leverage this data to increase sensitivity in DETECT and RESPOND around these critical access points and inform my security team where to prioritize our resources to have the highest impact.

It’s hard to choose which capability of Darktrace has helped my team the most, because with the feedback loop, I now think of it holistically. Darktrace simply provides the value that I’m paying for, and I’m glad that I have it. As far as security software goes, it’s probably the slickest piece of software I’ve seen in my life, and I’ve been doing this for 30 years. 

My advice to other financial institutions is that if you don’t have an AI security system, you need it. Threat actors have started using AI in their attacks, so we need to use AI to protect against them. Otherwise, it’s like fighting a jet plane with a rock and a stick. With this proactive approach, especially with PREVENT, Darktrace is working all the time to protect our digital estate, harden our security posture, and meet our compliance standards. 

Darktrace’s free Proof of Value gives you the opportunity to speak directly with a Darktrace customer in a 1-1 reference call. Start a trial today.

More in this series:

항목을 찾을 수 없습니다.

Like this and want more?

Receive the latest blog in your inbox
감사합니다! 제출되었습니다!
양식을 제출하는 동안 문제가 발생했습니다.
INSIDE THE SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
AUTHOR
ABOUT ThE AUTHOR
Director of ITIS
Finance (Guest Contributor)
share this article
This Article
Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk Management
Share
Twitter logoLinkedIn logo

Related Articles

항목을 찾을 수 없습니다.

귀하의 비즈니스에 좋은 소식입니다.
나쁜 사람들에게 나쁜 소식입니다.

무료 평가판 시작

무료 평가판 시작

유연한 배송
가상환경에 설치하거나 하드웨어에 설치할 수 있습니다.
빠른 설치
설치하는 데 1 시간 밖에 걸리지 않으며 이메일 보안 평가판의 경우 더 적게 걸립니다.
여정 선택
클라우드, 네트워크 또는 이메일을 포함하여 가장 필요한 곳 어디에서나 셀프 러닝 AI를 사용해 보십시오.
약정 없음
Darktrace Threat Visualizer 및 세 개의 맞춤형 위협 보고서에 대한 모든 액세스 권한이 있으며 구매 의무는 없습니다.
For more information, please see our Privacy Notice.
감사합니다! 제출되었습니다!
양식을 제출하는 동안 문제가 발생했습니다.

Get a demo

유연한 배송
가상환경에 설치하거나 하드웨어에 설치할 수 있습니다.
빠른 설치
설치하는 데 1 시간 밖에 걸리지 않으며 이메일 보안 평가판의 경우 더 적게 걸립니다.
여정 선택
클라우드, 네트워크 또는 이메일을 포함하여 가장 필요한 곳 어디에서나 셀프 러닝 AI를 사용해 보십시오.
약정 없음
Darktrace Threat Visualizer 및 세 개의 맞춤형 위협 보고서에 대한 모든 액세스 권한이 있으며 구매 의무는 없습니다.
감사합니다! 제출되었습니다!
양식을 제출하는 동안 문제가 발생했습니다.

Check out this article by Darktrace: Securing Credit Unions: Darktrace Supports Compliant Email Security and Risk Management