  {"id":36824,"date":"2018-11-14T00:39:02","date_gmt":"2018-11-14T05:39:02","guid":{"rendered":"https:\/\/digital.hbs.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/"},"modified":"2018-11-14T00:40:37","modified_gmt":"2018-11-14T05:40:37","slug":"can-machine-learning-solve-the-cyber-security-threat","status":"publish","type":"hck-submission","link":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/","title":{"rendered":"Can machine learning solve the cyber security threat?"},"content":{"rendered":"<p>Imagine the consequences if tomorrow 10% of the UK\u2019s power supply were to disappear in an instant. That could happen if Drax Power Station, the largest power supplier in the UK, was hacked in an attack that paralyzed the station\u2019s IT system. Drax is facing a common challenge in any digitalized organization today: The number of cyber attacks is increasing while there is a shortage of skilled cyber security experts capable of stopping such attacks. Drax found their solution in cyber security vendor Darktrace, which seeks to address their issue through unsupervised machine learning.<\/p>\n<p>As our society is digitized, we are achieving magnificent benefits both in terms of productivity and convenience, but investments in digitalization have not been matched by investment in cyber security. Estimated spend on IT of 3.7T in 2018 dwarfs the estimated 114B spent on cyber security<sup>1<\/sup>. It is estimated that cyber security attacks will cost $400 billion each year as a consequence of several billion breached data sets with an average time of ~100 days to discover covered attacks<sup>2<\/sup>. 
The increasing threat of cyber security attacks is expected to drive demand for cyber security professionals 12x faster than the total job market, leading to an estimated shortage of 1.5m cyber security professionals by 2020<sup>3<\/sup>.<\/p>\n<p>The increasing skills gap and growing threat level are why using machine learning is so important to the Darktrace product development. The company\u2019s Cyber AI platform is built on unsupervised machine learning, performing billions of probability-based calculations to teach itself what network traffic in an organization\u2019s IT infrastructure is normal and what traffic should be flagged as a threat<sup>5<\/sup>. The company compares their technology to the human immune system, able to identify a virus and start fighting back in real time without having previous experience. In the short term, the Darktrace management team believes their technology can be used by any organization to flag potential threats in real time without much human interaction. In the medium term, the management team envisions that cyber criminals will increasingly deploy machine learning in their attack strategies. Darktrace therefore believes using machine learning is the only way to defend against these types of cyber attacks in the future, as humans will simply not be able to keep up with the pace of machines<sup>5<\/sup>.<\/p>\n<p>While the Darktrace approach to cyber security defense has shown early promise and been highly successful against recent ransomware attacks such as WannaCry, the approach using machine learning does have its drawbacks. The largest issue Darktrace faces is educating users. Customers that have not implemented the technology correctly have reported that it produces too many false negatives, leading IT teams to ignore the generated threat alerts. Other customers might be unable to attract the required skills to analyze threat information generated by the technology<sup>6<\/sup>. 
Meanwhile, Darktrace senior management seem set on not providing much help to their customers, proclaiming that they are \u201cnot a consulting firm\u201d and provide only limited support services to customers<sup>6<\/sup>.<\/p>\n<p>In order to better address the cyber security threat and skills gap in the near term, I recommend the Darktrace management team focus on building a services organization to support customers with implementation and provide \u201cexpertise as service\u201d on a subscription basis. These services could be built faster if Darktrace partners with IT services organizations to provide external parties that can handle first and second line support to customers as the cyber security services industry shifts to rely more heavily on outsourced service providers<sup>7<\/sup>. In the medium term, I would recommend the management team address the user friendliness of the product they are selling. If Darktrace is able to simplify the user interface and installation of the product, it would greatly increase the value proposition of the product to customers struggling to attract skilled cyber security professionals.<\/p>\n<p>Cyber security will likely be one of the most challenging issues of our time, but with a growing skills gap how can the challenge be solved? Darktrace and their approach using unsupervised machine learning in cyber security product development is likely a large step in the right direction, helping organizations leverage their IT employees and resources more efficiently through automated identification of cyber security threats. However, the Darktrace technology will need support from human judgment in the short term and will only bridge the skills gap in the medium term if it can be translated into a user friendly platform. 
If Darktrace can do both of these effectively in the short and medium term, their approach to cyber security might be what enables us to protect our infrastructure from the ever-increasing sophistication of cyber criminals employing machine learning in their attacks. However, if we increasingly rely on unsupervised machine learning to protect our infrastructure, can we live with increasingly not understanding how cyber security technology works to protect us from cyber attacks? (799 words)<\/p>\n<p><strong>Sources <\/strong><\/p>\n<p><strong>\u00a0<\/strong><sup>1<\/sup>Gartner Global IT spend, Gartner, Inc., accessed November 2018.<\/p>\n<p><strong>\u00a0<\/strong><sup>2<\/sup> McKinsey, \u201cDigital and Risk: A new Posture for Cyber Security in a Networked World,\u201d March 2018, https:\/\/www.mckinsey.com\/de\/~\/media\/mckinsey\/locations\/europe%20and%20middle%20east\/deutschland\/publikationen\/2018%20compendium\/a%20new%20posture%20for%20cybersecurity%20in%20a%20networked%20world\/kompendium_03_cyberrisk-2.ashx, accessed November 2018.<strong>\u00a0<\/strong><\/p>\n<p><sup>3<\/sup> Rebecca Vogel, \u201cClosing the cyber security skills gap\u201d Salus Journal, volume 4 issue 2, (2016): 3, via Google Scholar, accessed November 2018.<\/p>\n<p><sup>4<\/sup> Cathrine Clifford, \u201cHow billion dollar start-up Darktrace is fighting cybercrime with AI\u201d CNBC, August 7, 2018, [https:\/\/www.cnbc.com\/2018\/08\/07\/billion-dollar-start-up-darktrace-is-fighting-cybercrime-with-ai.html], accessed November 2018.<\/p>\n<p><sup>5 <\/sup>Darktrace, \u201cTechnology\u201d https:\/\/www.darktrace.com\/en\/technology\/#machine-learning, accessed November 2018.<\/p>\n<p><sup>6<\/sup> Ally Ram, \u201cInside Darktrace, the UK\u2019s $1.65bn cyber security start-up\u201d Financial Times, October 9, 2018, [https:\/\/www.ft.com\/content\/2fa5bade-cb09-11e8-9fe5-24ad351828ab], accessed November 2018.<\/p>\n<p><sup>7<\/sup> Guide for Managed Detection and Response Services, 
Gartner, Inc., accessed November 2018.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With cyber security attacks growing in frequency and impact as more and more of our infrastructure is digitalized, how will we be able to secure our digital assets when there is also a growing shortage of skilled cyber security professionals? Darktrace seeks to address the issue as the first company to take an unsupervised machine learning approach to product development in cyber security by developing a defence system modelled after the human body&#8217;s immune system. <\/p>\n","protected":false},"author":11141,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","categories":[],"class_list":["post-36824","hck-submission","type-hck-submission","status-publish","hentry"],"connected_submission_link":"https:\/\/d3.harvard.edu\/platform-rctom\/assignment\/rc-tom-challenge-2018\/","yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Can machine learning solve the cyber security threat? - Technology and Operations Management<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Can machine learning solve the cyber security threat? - Technology and Operations Management\" \/>\n<meta property=\"og:description\" content=\"With cyber security attacks growing in frequency and impact as more and more of our infrastructure is digitalized, how will we be able to secure our digital assets when there is also a growing shortage of skilled cyber security professionals? 
Darktrace seeks to address the issue as the first company to take an unsupervised machine learning approach to product development in cyber security by developing a defence system modelled after the human body&#039;s immune system.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/\" \/>\n<meta property=\"og:site_name\" content=\"Technology and Operations Management\" \/>\n<meta property=\"article:modified_time\" content=\"2018-11-14T05:40:37+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/submission\\\/can-machine-learning-solve-the-cyber-security-threat\\\/\",\"url\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/submission\\\/can-machine-learning-solve-the-cyber-security-threat\\\/\",\"name\":\"Can machine learning solve the cyber security threat? 
- Technology and Operations Management\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/#website\"},\"datePublished\":\"2018-11-14T05:39:02+00:00\",\"dateModified\":\"2018-11-14T05:40:37+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/submission\\\/can-machine-learning-solve-the-cyber-security-threat\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/submission\\\/can-machine-learning-solve-the-cyber-security-threat\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/submission\\\/can-machine-learning-solve-the-cyber-security-threat\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Submissions\",\"item\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/submission\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Can machine learning solve the cyber security threat?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/#website\",\"url\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/\",\"name\":\"Technology and Operations Management\",\"description\":\"MBA Student Perspectives\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/d3.harvard.edu\\\/platform-rctom\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Can machine learning solve the cyber security threat? 
- Technology and Operations Management","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/","og_locale":"en_US","og_type":"article","og_title":"Can machine learning solve the cyber security threat? - Technology and Operations Management","og_description":"With cyber security attacks growing in frequency and impact as more and more of our infrastructure is digitalized, how will we be able to secure our digital assets when there is also a growing shortage of skilled cyber security professionals? Darktrace seeks to address the issue as the first company to take an unsupervised machine learning approach to product development in cyber security by developing a defence system modelled after the human body's immune system.","og_url":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/","og_site_name":"Technology and Operations Management","article_modified_time":"2018-11-14T05:40:37+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/","url":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/","name":"Can machine learning solve the cyber security threat? 
- Technology and Operations Management","isPartOf":{"@id":"https:\/\/d3.harvard.edu\/platform-rctom\/#website"},"datePublished":"2018-11-14T05:39:02+00:00","dateModified":"2018-11-14T05:40:37+00:00","breadcrumb":{"@id":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/can-machine-learning-solve-the-cyber-security-threat\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/d3.harvard.edu\/platform-rctom\/"},{"@type":"ListItem","position":2,"name":"Submissions","item":"https:\/\/d3.harvard.edu\/platform-rctom\/submission\/"},{"@type":"ListItem","position":3,"name":"Can machine learning solve the cyber security threat?"}]},{"@type":"WebSite","@id":"https:\/\/d3.harvard.edu\/platform-rctom\/#website","url":"https:\/\/d3.harvard.edu\/platform-rctom\/","name":"Technology and Operations Management","description":"MBA Student 
Perspectives","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/d3.harvard.edu\/platform-rctom\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/hck-submission\/36824","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/hck-submission"}],"about":[{"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/types\/hck-submission"}],"author":[{"embeddable":true,"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/users\/11141"}],"replies":[{"embeddable":true,"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/comments?post=36824"}],"version-history":[{"count":0,"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/hck-submission\/36824\/revisions"}],"wp:attachment":[{"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/media?parent=36824"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/d3.harvard.edu\/platform-rctom\/wp-json\/wp\/v2\/categories?post=36824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}