The greatest defensive challenge that Las Vegas faced was never-before-seen attacks, which cyber-criminals now launch on a daily basis. Traditional security tools work by using fixed rules and signatures to predefine what a threat looks like, preventing them from spotting threats that look unlike anything seen before. From spear phishing emails meant to deceive the city’s employees by posing as trusted contacts, to novel attacks that attempt to infiltrate via the city’s multi-cloud environment, Las Vegas sought a funda-mentally unique security tool capable of keeping pace with an ever-evolving threat landscape. To fight back against automated attacks in real time, the city deployed Darktrace Antigena, the first cyber AI response tool that autonomously neutralizes threats by taking intelligent, surgical actions. Antigena works by confining infected devices to their typical ‘pattern of life’ within two seconds, containing significant threats without disrupting core municipal operations. These operations today rely heavily on Las Vegas’ multi-cloud archi-tecture, which includes Amazon Web Services, Microsoft Azure, and Office 365. Whereas the conventional, stove-pipe approach to securing these services lacks vital context, Darktrace analyzes data flows from across the city’s entire digital infrastructure, enabling Antigena’s cyber AI response to neutralize attacks wherever they originate.

Business Background Drax  is  a  leading  power  infrastructure  company,  and  provides  around  7%  of  the  UK’s  power.  Having  switched  to  the  use  of  biomass  generators,  Drax  is  considered to be one of the most forward-looking organizations in the energy and utilities industry. Challenge The energy sector faces a rapidly-evolving threat landscape, inwhich increasingly sophisticated attackers have been successful in scaling network boundaries  and  infiltrating  extremely sensitive  operational  systems. Given the wide range of motivations that attackers have, and the looming risk of internal threat, it had become extremely difficult to pre-empt new attackers and anticipate their methodologies.

• Key target industry for advanced cyber attackers
• Large volumes of data but not enough insight
• Too many false positivesInsider threat
• Too much reactive, not enough proactive measures

Solution Drax decided to implement an ‘immune system’ approach, because it needed to be able to respond to fresh threats that had  not  been  previously  identifed  by other  security  tools.  The ability to constantly   adapt to a   rapidly evolving information  environment  in  real  timewas  critical  to  Drax,  as  it  needed  to  be  able  to  intervene  early  in  potentially  dangerous situations.After  successfully  implementing  the  Enterprise  Immune  System   on   its   corporate   network,   Drax   extended   the   coverage to defending its crucial industrial control system (ICS) from attack. With overall visibility of both IT and OT environments,  Darktrace  gives  Drax  the  unique  ability  to  analyze all parts of its enterprise and production networks, and to detect previously unidentified threats irrespective of their origin.

It helps us stay ahead of emerging threats and better defend our key systems. We are pleased to be working on cyber innovation with Darktrace’s leading self-learning platform.

Martin Sloan, Group Head of Security Benefits Darktrace has quickly become a fundamental part of Drax’s cyber  security  strategy,  due  to  its  unique  probabilistic  approach  and  ability  to  detect  emerging  threats  before  they have the potential to cause signi cant damage. On  deploying  Enteprise  Immune  System  technology,  the company was quickly alerted to potential intrusions within its  systems  that  had  already  bypassed  its  other  security tools.  Following  an  easy  implementation  process,  it  now  uses  Darktrace  to  continuously  analyze  the  overall  health  of  its  system  and  tospot  irregular  activities  that  have  a  high  probability of  being  either  malicious,  dangerous  or  non-compliant. Drax  benefits  from  the  most  advanced  cyber  defense technology available today to protect itself against the most insidious  attacks  that  jeopardize  its  critical  infrastructure  systems,  whether  those  threats  come  from  the  inside  or  outside of its organization.