COUNTRY FOCUS : CANADA if anything goes amiss . This is key with RESPOND – it gives us peace of mind to know that a threat will be isolated until it can be further investigated by AI and our team . At the building level , this is very crucial as human investigation can require co-ordination from property operations and third-party vendors – but time is of the essence when it comes to an attack . Darktrace ’ s Proactive Threat Notification ( PTN ) also proactively alerts us to significant events that require immediate attention . This prioritizes our triage of the suspected event and our internal teams can respond immediately .
How has Darktrace ’ s AI helped RioCan in its prevention of cyberattacks ?
The AI provides unparalleled visibility into our network traffic patterns and alerts us to behavior that falls outside of this , which could be potentially malicious . This has helped significantly in identifying suspicious events and containing them in their very earliest stages – enabling our security team to work on higher level projects like improving our baseline security and getting the basics right at all times .
With the AI ’ s immediate response capability , we are immediately isolating malicious activity in a way that allows normal business operation to continue – enabling continuity and stability no matter what happens . We have identified Darktrace as a mandatory solution in our RioCan Building Technology Standards , which defines approved technologies for use in our building networks .
How have the solutions enabled RioCan to protect its Operational Technology ?
OT environments are very complex and specialized , legacy OT security can ' t keep up with emerging threats to these infrastructures . With legacy detection systems , the number of false-positive alerts require far too much time to investigate in such a complex environment .
Just like with our IT environments , Darktrace for OT leverages AI to understand ‘ normal ’ behavior for all our bespoke OT and IT / OT ecosystems , identifying and automatically stopping threats at the earliest stages until it can be fully investigated by our technical teams .
Why was it important to protect both the organization ’ s Information Technology and Operational Technology ?
Unified coverage of IT and OT is crucial for real estate defenders . Enterprise IT has long been prioritized in cybersecurity , but from an OT perspective , devices are becoming increasingly connected and the industrial IoT marketplace has a vast array of solutions which vary dramatically in terms of their cybersecurity maturity or readiness .
With Darktrace ’ s technology , we have unified protection of IT and OT , allowing our teams to operate with the same workflow ensuring that we can respond quickly and consistently to threats that emerge in any area of our network .
Can you give an example of how RioCan has complete visibility of emerging threats due to Darktrace and what is the major benefit of this ?
One example is the possible threats introduced by third-party vendors and suppliers . With Darktrace constantly monitoring our buildings and corporate networks , we are alerted to events like if a vendor inadvertently left administrative accesses open , we would be aware of this change in our systems , and it will be remediated immediately . This kind of visibility is only possible with the scalability offered to us by AI .
Why did RioCan decide to work with Darktrace ?
Our security is a top priority and we continually review our process to ensure it is optimal and exceeding industry standards . Primarily , we were looking to improve our response times from a traditional SOC model . Time is not on your side when attackers strike – and sometimes they do so when your teams are out of office or asleep .
We immediately noticed a greater level of information about our systems being reported back to us and a significant increase in our team ’ s ability to drill in further to investigate incidents . Most crucially , with RESPOND , incidents can be automatically contained while further investigations continue and while business continues as normal . We don ’ t need to shut the greater system down and cause wider disruption . With Darktrace ’ s AI Analyst and a dedicated security specialist assigned to our account and the Darktrace SOC , we have access to a significant wealth of knowledge to investigate cybersecurity events rapidly . p
The best thing about Darktrace ’ s AI is that it learns every detail of both our information and operational technology .
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 51