Why Lighthouse Global uses Self-Learning AI to shine a light on spear phishing attacks
At Lighthouse Global, we provide technology solutions for legal firms and large businesses, assisting teams with the collection, review and processing of electronic data before it can be presented as part of their legal proceedings. Sensitive data is therefore not just a part of our work – it is our work, and it demands the highest degree of protection.
Thwarting advanced spear phishing
It is no secret that the vast majority of cyber-attacks begin in the inbox, and Lighthouse employees – particularly those in our upper management team – were certainly familiar with this threat vector, facing regular phishing attempts while conducting their work.
We had implemented a series of email security tools to fend off the most recognizable of these attacks, but that really brought to light the sophistication of what remained: advanced spear phishing campaigns which were using compromised, but legitimate, domains to dodge our security measures. Many attempted to trick recipients into clicking a malicious link by imitating our own security team, insisting that an employee’s password had been breached and was in need of changing.
When attackers are targeting the workforce using their colleagues’ addresses, armed with knowledge of the business and using social engineering tactics to really sell their message, the onus to stop threats can no longer fall on the employee. And traditional security tools just weren’t doing enough. We needed a tool that would take on this responsibility, allowing our employees to maintain their focus on normal business operations.
Antigena Email knows what to let through
To fight back against email-borne attacks, we implemented Darktrace’s Antigena Email, and it has quickly proven to be our most powerful line of defense. AI-powered detection and response has become central to our email security strategy: since adoption, we’ve been able to reduce the number of advanced spear phishing attacks which land in our inboxes to almost zero.
The AI takes a huge amount of pressure off my security team. Lighthouse Global is currently processing around 10,000 emails every day, and the business is still expanding at a rapid rate. That expansion used to mean an increasingly unmanageable number of security alerts to deal with, leaving us playing a constant game of catchup trying to get through them all. The risks of alert fatigue can be huge, and we were in danger of letting something really dangerous slip through the net. But that manual, time-consuming and laborious element of the job has largely disappeared thanks to Antigena Email.
Tackling cloud account takeovers
We also use that same AI approach to protect our work on Microsoft Azure, with Darktrace’s cloud coverage. Again, this has reduced the huge task of triaging a number of alerts which came through from our cloud activity. Darktrace now does that triaging for us, honing in on malicious behavior and making sure that high-priority situations like attempted account takeovers and ransomware attacks are put in front of us straightaway so that action can be taken.
With our most arduous tasks taken care of, the team now has time to be more proactive and particular with our security efforts, focusing on key vulnerabilities and making sure everything is running as it ought to be.
Darktrace grows with Lighthouse
Perhaps the thing that gives me the most confidence is knowing that because Darktrace’s Self-Learning AI is constantly evolving its understanding of our company, it will continue to grow as we do, adapting to any changes in our organization.
Lighthouse Global is constantly taking on new clients around the globe, each of which ushers in a new wave of email communications, and Darktrace is able to comfortably follow along with these changes while still spotting new attacks as soon as they reach the inbox. Already, we’ve seen it adapt to these changing email flows, while it continues to consolidate large quantities of data with a UI which has all the features we need – but remains easy to work with.
Because the UI is so simple to use, the intimidating learning curve which we had come to expect from email security has vanished, and we’ve been able to quickly train engineers within the company to help out with security rather than hiring in more specialists as our operation expands.
Darktrace’s AI has transformed cyber security into something which supports our growth rather than limits or suffers from it. With our email and cloud activity protected, we at Lighthouse Global are left with the extra time to focus on our clients and our work.