Story image

Korean insurance provider detects insider threat through AI

28 Aug 2017

Korean insurance provider KB Life has taken on Darktrace machine learning technology to prevent cyber threats.

KB Life Insurance, headquartered in Seoul, previously used traditional perimeter security tools but was concerned about risks from third party vendors who had authorized network access. Any possible infection would risk damaging stakeholder trust.

In addition, the company was concerned about insider threats, unpredictable zero-day attacks and fast-spreading ransomware. With these dangers, the company decided to change the way it handled cybersecurity and its defences.

KB Life Insurance CISO Daejoong Kim, says the company shifted towards a proactive approach.

“As a growing business with a large distribution channel, we needed a technology that could proactively seek out threats from within. Darktrace’s AI goes above and beyond in solving this challenge,” Kim explains.

Not long after deploying Darktrace technology, KB Life spotted an authorized network user that behaved in a ‘highly anomalous’ way. A user’s desktop was connecting to a malicious website without triggering any legacy security alerts.

The security team was then able to mitigate the solution in real time, preventing further damage.

Darktrace APAC managing director Sanjay Aurora says, “As the cyber-threat climate intensifies, KB Life Insurance is leading the movement towards AI-based defense.”

Darktrace works by learning ‘the pattern of life’ for every user, device and network. Once the system has a baseline, it can then detect subtle abnormalities in a network in real time, which means security teams can remediate threats including insider threats and ‘unknown unknowns’.

“Darktrace’s machine learning is the only technology that is capable of detecting and responding to stealthy attacks and insidious insider threats emerging in any part of the network, enabling KB Life Insurance to proactively safeguard its critical assets,” Aurora comments.

Darktrace has 24 offices worldwide. Its flagship product is Enterprise Immune System, which uses algorithms to detect threats.

“The Enterprise Immune System empowers us to stop threats in their tracks and eliminate them, before they escalate. It also gives us network visibility that we did not think possible,” Kim concludes.

Last month, Darktrace raised $75 million in funding to meet growing demand. It also partnered with CITIC Telecom CPC to bring its cyber defence services to Asia Pacific through managed security services.

“As the Asian economy grows from strength to strength, local businesses need to prepare today for tomorrow’s threat,” commented Darktrace Nicole Eagan at the time.

“We are excited to extend our transformative technology within the Asian market with best-in-class MSSP, CITIC Telecom CPC. This new partnership will further strengthen our ability to respond to the overwhelming demand for our cutting-edge machine learning technology across the Asia-Pacific region, enabling companies to inoculate themselves against threats from within.”

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Ensign and IronNet partner to create cyber analytics capabilities
The Singapore-based joint venture will form a Cyber Analytics Center for Excellence focused on securing regional enterprises from sophisticated cyber threats.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.