As an energy and utilities provider, Kit Carson Electric Cooperative (KCEC) cannot let cyber-attacks disrupt its services, or thousands of people could be without electricity, internet, and gas. That’s why it turned to Darktrace to protect its email, network, identities, and Operational Technology (OT).

“Darktrace allows us to continue to provide our critical services to our employees, consumers, and community with none to minimal downtime,” said Daniel Trujillo, Chief Information Security Officer at KCEC.

Darktrace uses Self-Learning AI that is continuously trained on each organization’s unique data to detect and stop all types of attacks. By understanding normal activity, the AI can recognize abnormal and suspicious behavior. That means it can autonomously detect and stop unknown and novel attacks, without being limited by historical attack data.

Darktrace’s AI can be applied anywhere an organization has data, including OT. Before Darktrace, KCEC was not securing its OT at all. When the Chief Executive Officer shared the organization’s five-year plan, the security team took initiative and deployed Darktrace to protect the substations and OT environments that would be involved in the planned projects.

The organization still constantly upgrades its OT devices and has recently started implementing SCADA. Darktrace / OT adapts to these changes and gives the security team visibility across OT and IT systems, all within a single, unified platform.

While OT security is vital, many cyber-attacks start in IT, specifically the inbox. The security team can add multiple layers of email security to protect end users, but it only takes one wrong click to put the company at risk. Darktrace / EMAIL gives the organization a last line of defense to stop that from happening.

“Darktrace / EMAIL is the most beneficial product for our organization,” Trujillo said.

The security team has seen it in action. A local organization within the community started sending a lot of emails that Darktrace blocked. When the team analyzed them, it realized that the local organization’s server had been compromised. The team let the other company know, and the issue was resolved. Darktrace not only protected KCEC, but also its partner.

‍

The security team benefits from Darktrace / Attack Surface Management, which continuously scans externally exposed assets to identify, prevent, and remediate digital brand threats.

“Since using Darktrace, we’ve been able to decrease our attack surface by 75%, and continue to mitigate it on a daily basis,” Trujillo said.

Darktrace / Attack Surface Management once discovered a local municipality had an OT device connected to the internet, but it still used default credentials. This device managed the entire water system for the municipality. The KCEC team shared Darktrace’s findings with the municipality, making its own organization and the community safer.

For more preemptive defense, Darktrace / Proactive Exposure Management offers tailored attack path modeling, threat and vulnerability management, and AI risk assessments. The team has even fit it into its quarterly employee training, since the realistic attack engagements inform targeted security awareness efforts.

“We see potential attacks come through, but we’re mitigating them with Darktrace,” Trujillo said.

Darktrace / Incident Readiness & Response helps the security team be ready and recover quickly. Before Darktrace, the team did not have strategic plans in case an attack landed. Now, it can run tabletop exercises to practice and demonstrate to leadership the impact of an attack on the organization and greater community. The team estimates Darktrace has decreased the resources needed for incident response by 50%.

“Darktrace / Incident Readiness & Response has given us the ability and understanding of how to handle an incident response,” Trujillo said.

Since Darktrace can detect and respond to attacks autonomously and at machine speed, the security team has gained time back in its schedule. It has cut down the time needed to analyze, triage, and respond to attacks from 30 minutes to not even a minute.

With the Darktrace Mobile App, the team can keep an eye on security even while out of office.

The security team has been able to reallocate this newfound time to work on other critical projects in the organization, like developing microgrids and AI fire mitigation techniques, as well as increase industry learning.

“Darktrace has given us the ability and time to continue our education so we can finally become masters in a particular field of IT and cyber,” Trujillo said.

The team has also had more time to work on community outreach, including speaking at local universities, running internships, and partnering with high schools to involve students in IT. This gives the team a sense of purpose and confidence and helps members of the community get interested in cyber.

Importantly, with Darktrace in place, members of the security team report improved mental health. They can enjoy time out of office, being with their families, and exploring hobbies with the confidence that Darktrace will protect the organization. Darktrace allows the team to leave its work at work.