Cyber security: An immune system for information

Look for clues in the behavioural data in your network, says Darkrace’s Steve Huxter 

Invoke Capital recently announced an investment of between $10m and $20m (£12.3m) in Darktrace, a start-up company that offers behavioural cyber defence solutions based on ground-breaking mathematical research out of the University of Cambridge.

Simply put, Darktrace is a cyber security technology firm that delivers an intelligence-led approach in an effort to protect companies from advanced cyber threats, insider attacks and largescale theft of IP through an approach based on fundamental mathematics. 

Darktrace is also one of the first (and one of the few) next-generation cyber firms coming out of the UK and, crucially, is an organisation very much influenced by academic research.

Its technology is based on a general probability theory known as ‘recursive Bayesian estimation theory’, which is based on the premise that a network has already been infiltrated and that some of the risk might come from a company’s own employees.

“We aim to address a problem in the market that traditional security systems do not cover,” says Steve Huxter, managing director of Darktrace. 

“Darktrace takes a proportional approach to risk – in other words, you can’t keep threats out, but you can manage them. We are uniquely capable of understanding all information within the firewall and learn behaviours in an adaptive and dynamic way, constantly modelling a ‘new normal’ behaviour for every individual and machine. 

“This means we can spot true anomalies and mitigate against real threats.”

This radically different approach to cyber security is what underpinned the recent investment from technology fund Invoke, launched by Dr Mike Lynch. Lynch is also the founder of software company Autonomy, which went on to be acquired by Hewlett-Packard in August 2011. 

The investment in Darktrace is the first out of Invoke’s recently-announced $1bn technology fund.

Lynch explains that backing Darktrace meant supporting an “inherently mathematical approach that does not seek to block information flow, but rather to understand it in all its practical complexity and subtlety”, in a statement that echoes one of Invoke’s previous investments. 

The investment company previously backed Featurespace, a UK organisation that focuses on adaptive behavioural analytics to help filter out fraud and provide important marketing intelligence.

“The financing will help us apply our own business model to Darktrace while framing its technology into something that works from a commercial perspective,” says Invoke’s Vanessa Colomar, also noting that, following the deal, Sir Jonathan Evans, the former director-general of MI5, had joined Darktrace’s board of directors. 

“We will definitely back any M&A strategy or other growth development project that the company
may have.

“A lot of companies out there say they are so-called ‘next-generation’, but they basically still use rules-based systems in one way or another,” Colomar adds. “The difference is that Darktrace provides an ‘immune system’ for the organisation from the start.” 

Huxter concludes: “When you consider that a security breach can cause a company’s share price to drop by around 5 per cent, and generally costs that company in the region of $5m, it’s clear that it is time to stop simply patrolling the perimeters and start looking more deeply at the behavioural information on your network.”