Community Housing Limited
Our environment is complex and everchanging making it important to have simplicity. Darktrace has allowed us to rationalize our security stack, giving us a very simple, aggregated view of everything that’s going on across the organization. I’ve never been happier with the product suite we’ve got in place at the moment.
Security challenges for Community Housing Limited
Community Housing Limited holds sensitive client data, works closely with state government to manage portfolios, and receives federal and state funding to provide well-governed, well-managed housing.
Additionally, the organization noticed that new threats are emerging, finding several incidents of brand impersonation. In the cases they observed, attackers were targeting users of major software and banking institutions by using smishing tactics that directed people to a spoofed website that replicated legitimate login pages, attempting to harvest credentials.
As a non-profit, Community Housing Limited has lower funding than commercial entities, and must comply with strict privacy legislation, creating additional challenges when it comes to funding its cybersecurity infrastructure and keeping up with the evolving threat landscape.
Why did Community Housing Limited choose Darktrace?
Trialing Darktrace in a POV, Jamie Woodland, Head of Technology at Community Housing Limited expressed that Darktrace’s account team was influential in the decision to select Darktrace as its security solution. He states, “I was blessed that the people I worked with in Darktrace showed a lot of care. When there were issues, the team just stepped through that with my technical team, and we got the right result in terms of getting the platform in place, getting the information running through.”
Integration across with existing technology
Darktrace provides comprehensive visibility across SaaS, email, and cloud environments for Community Housing Limited, using AI that learns the granular details of the specific organization to build a dynamic understanding of the devices, connections, and user behaviors that make up the normal “pattern of life.” When the AI identifies unusual activity that indicates a cyber-attack, it takes autonomous action, neutralizing the threat while minimizing business disruption.
In addition to autonomous detection, attack intervention, and incident response, Darktrace provided a solution that integrates with Community Housing Limited's existing software and applications, allowing seamless workflows for its staff.
“We have a strong Microsoft presence and Darktrace just integrates with our existing security platforms and profiles seamlessly; it makes a huge difference and centralizes our visibility,” said Woodland. After implementation, Darktrace picked up alerts within seconds, giving the team valuable insight and a full picture of its network.
After several years as a customer of Darktrace’s autonomous threat detection, attack intervention, and attack surface management capabilities, Community Housing Limited added Darktrace / Incident Readiness & Recovery to simplify and tie together pieces of its incident response, reduce time and resources it takes to appropriately respond to threats, and ultimately upskill team members.
How does Darktrace help Community Housing Limited today?
Fighting against phishing malware
In December 2022, the Caffeine phishing-as-a-service platform targeted Community Housing Limited. Malware had been downloaded on someone’s machine and a command-and-control mechanism reached out to this Caffeine service. Darktrace identified the ransomware within seconds by noticing the change in behavior. The security team was immediately notified, stopping the incident within 19 minutes and preventing any exposure. If Darktrace’s Autonomous Response was set to respond autonomously, rather than with human confirmation, the incident would have been shut down within seconds, greatly reducing the chances of data exposure or risk to the organization.
Defending against brand impersonation
To protect its brand identity from impersonation, Community Housing Limited chose Darktrace / Attack Surface Management because it uses AI to identify Community Housing Limited’s assets, searching beyond known servers, networks, and IP, often surfacing 30-50% more assets than an organization realizes it has. With this visibility and understanding, Darktrace monitors Community Housing Limited’s attack surfaces so that it will know as soon as an attacker creates unauthorized infrastructure to spoof the legitimate brand. These continuous insights help Community Housing Limited be proactive about potential blind spots and detect risks around the clock.
Running realistic attack simulations
Darktrace provides Community Housing Limited with AI assisted incident response and cyber-attack simulation using AI that develops an understanding of the organization to help the team run simulations that effectively map onto its environment and the assets within it, providing real training for a real incident.
“It is one thing to sit together in a meeting and discuss various outcomes of a cyber-attack, talking through the best response strategies,” said Woodland. “It is a huge benefit, being able to run attack simulations that emulate real world scenarios.”
The team can now see how an incident would play out over several days to resemble a real-world scenario or it can play through the simulation quickly to ascertain outcomes immediately. It then uses these insights to strengthen its technology, processes, and training.
AI-generated playbooks reduce cybersecurity technical skills bar
Darktrace incident response automates several steps of the recovery process to accelerate the rate of incident response. It creates bespoke, AI-generated incident response playbooks that leverage an evolving understanding of the organization to determine recovery steps that are tailored to the specific incident and the environment it takes place in.
For the security team, this means having access to all the information it needs to respond to a threat. When running through an incident, rather than going to a different place for different info taking up resources and time, remediation gets sped up. When there are highly skilled team members away on leave, not a moment is wasted because the team can access the playbooks seamlessly in the Darktrace UI.
“Darktrace improves the ability of our engineers to respond to events by providing AI generated playbooks,” said Woodland. “The playbooks help lower the technical skills required to respond to incidents by elevating the workload of the staff, tripling our capacity for incident response.”