Video: 10 Minute IT Jams - Who is Darktrace?
Cyber threats are evolving at breakneck speed. Companies, governments, and ordinary individuals are facing new forms of online attack every day. At the heart of this global digital arms race is a wave of innovation in artificial intelligence, as cybersecurity firms strive to beat criminals at their own game.
One company at the forefront of this effort is Darktrace, a Cambridge-based firm that has played a leading role in developing self-learning AI to protect organisations from increasingly sophisticated threats. Sanjay Aurora, Managing Director for Asia Pacific at Darktrace, recently shed light on the company's unique approach and its vision for the future during an exclusive interview.
"Darktrace is a global leader in cybersecurity AI, based in Cambridge, UK. Our fundamental approach to cybersecurity has been a self-learning AI that can be deployed anywhere across the digital estate – anywhere across the digital assets – and that self-learning AI is able to detect those threats which normal traditional systems haven't been able to catch," Sanjay explained.
Founded in 2013, Darktrace was one of the first companies to commercialise AI for cybersecurity on a global scale. Today, its technology protects more than 5,500 organisations in a world where traditional security strategies are increasingly falling short.
Drawing inspiration from biology, Aurora likened Darktrace's system to the human immune system, saying, "What does the human immune system do? It understands self – my immune system understands my innate, it develops an innate sense of self, and anything foreign, abnormal, unusual that is happening, this immune system is able to detect and respond. We created the self-learning AI platform using the same philosophy."
This model means that Darktrace's AI quickly establishes an organisation's "digital DNA", learning what constitutes normal behaviour in the digital environment. By doing so, the system can restore normalcy after a cyber attack. According to Aurora, "Cyber attack is not about if, it's about when. Our mission as a company is to stop or empower organisations to stop the disruption that comes after or during a cyber attack by building cyber resilience."
With cyber criminals developing ever more ingenious methods, AI must constantly evolve to stay ahead. Ransomware remains the most prominent and damaging threat for many, Aurora noted. "Ransomware continues to hit headlines and there is not a single day that we have not read about ransomware," he said, highlighting both reputational damage and financial loss as core concerns.
He also pointed out the broader danger: "There is an unintended outcome of ransomware – the Colonial Pipeline attack was a watershed moment, right, where probably even the adversaries were not anticipating where this is gonna go. Today, ransomware as a threat is number one on everybody's radar because it comes in from any vector and they can hop very quickly and do more damage than just encrypt data – they can hop into industrial networks, they can stop factories."
Insider threats continue to plague organisations too, with both malicious and well-meaning employees triggering breaches. Meanwhile, the widespread shift to remote work during the pandemic forced companies to adapt rapidly, often straining the limits of traditional defences.
"People are working from all kinds of places right now – the visibility has gone. That's another thing. Of course, we see another big trend is born in the cloud companies right, where you are talking about a significant number of companies that are completely born in the cloud... How do you have visibility and how do you have security controls over that?" Aurora said.
Traditional cybersecurity often relies on rules, signatures, and policies – approaches that struggle to tackle zero-day threats or outpace attackers. Darktrace's self-learning AI instead focuses on learning "normal" for a business, then identifying and responding to abnormal activity. "Our approach is learn the business, learn normal, detect abnormal, unusual activity, respond surgically at the speed of machine and that's how we protect organisations from significant attacks of all kinds," Aurora said.
He emphasised the value of autonomous and rapid response, which is particularly vital when attacks outpace human intervention. "Whenever we are deployed in an organisation, 95% of the time we detect things which are sophisticated – which are issues like compliance, misconfigurations, sophisticated attacks in progress. The reason why we are able to find is again our focus is to learn the business and not the attack... we are the inventors of autonomous response capability and very proud of it," he added.
Darktrace's technology is not confined to giant global firms. In the APAC region, the company works with businesses of every size and sector. "We established APAC headquarters in 2015 in Singapore and today we have a very large presence all across Asia Pacific and Japan. Companies of all sizes and across all verticals are deploying our AI very successfully, very quickly, and they're able to leverage our AI in their networks and their environments," Aurora noted.
Innovation remains at the heart of Darktrace's strategy. The company's CTO, Jack Stockdale, was recently awarded the Order of the British Empire for his contributions. "We've been recognised as one of the companies who are continuously on the cutting edge of AI, self-learning AI. While we continue to build our solution – from the ability to detect unknown threats, to be able to detect and respond in real time, to be able to use AI to investigate and help humans figure out what these threats are – that is the current offering right now," said Aurora.
The company has also launched new capabilities, including autonomous response for cloud and SaaS environments, and formed key technology partnerships. Yet, Sanjay Aurora's real enthusiasm is reserved for Darktrace's broader vision: advancing AI to not just detect and neutralise threats, but to predict, prevent, and heal from them.
"How do we use AI right now to detect, respond, investigate and how can this self-learning AI one day... understand what kind of organisations are vulnerable to what kind of threats, can we start predicting, can we start preventing those threats, can we talk about healing those threats? So how do we establish cyber resilience by taking AI to the next level which is all about a self-learning AI loop, and that's our vision right now," he concluded.
Ending the conversation on an optimistic note, Sanjay Aurora said, "I think it's a very bold vision but we are very confident about how we have executed so far and we continue to boost our innovation capabilities."