HKBN Group is a major international player in the telecommunications market – boasting one-third of all households and one-half of all businesses in Hong Kong as customers. The company deployed Darktrace’s fundamental Immune System technology and its AI and Machine Learning capabilities exposed where its vulnerabilities lay with the result that sophisticated and novel threats were consistently captured, providing full protection to the company’s dynamic workforce. Danny Li, Co-Owner and Chief Technology Officer, HKBN Group, tells us: “With Darktrace AI we can proactively and comprehensively manage risk across our entire enterprise.”
What necessitated your decision to implement Darktrace?
As one of Asia’s leading integrated telecommunications and technology providers, HKBN manages a vast amount of the public and enterprises’ intellectual property and confidential data. Telecommunications is now considered as critical infrastructure and the industry as a whole has increasingly become a target for the most sophisticated cybercriminals seeking to wreak havoc and disruption.
With rapid growth and expansion plans as a fully integrated ICT solutions provider on the horizon, we are always looking for the best-in-class technologies to build cyber-resilience across our entire organization: from internal assets like talent’s data and intellectual property, right through to sensitive information concerning third parties involved in on-going mergers and acquisitions.
As with many organizations, Digital Transformation has accelerated across our business. But, unlike others, we aspire to not only bring innovations within our business, but to our enterprise customers too. At HKBN, security services and solutions must be advanced and best-fit to business needs.
Did you consider any other vendors?
We set out to find the best possible technology available to proactively manage risk across our business and considered a number of well-known cybersecurity solutions.
During the evaluation process, we found Darktrace to be a fundamental solution in providing visibility of our fast-changing environment, like the number of devices on our system, the software platforms and tools being used and the behavior of users. The AI ability is unparalleled. It is able to detect novel attacks and insider threats – malicious and non-malicious – that often slip under the radar of other security tools.
What led you to choose to work with Darktrace specifically?
The reality is that cyberattackers are constantly evolving their techniques. Patching known vulnerabilities and encouraging users to opt for strong passwords are important basics, but clearly, the status quo is not enough.
Sophisticated attacks are now too subtle for humans alone to spot. AI is necessary, not a nice-to-have, in order to detect threats at their earliest stages – before they escalate into a full-blown attack.
Darktrace’s technology has been used in so many organizations around the world. It is a defensive AI technology that has been tried, tested and proven to be successful.
Which of Darktrace’s products have you deployed?
We have deployed Darktrace’s fundamental Immune System technology, which uses AI and Machine Learning to establish a ‘pattern of life’ for all of the users and devices across our entire digital infrastructure.
When did the solution go live?
We first deployed Darktrace into the core of our IT networks in Hong Kong, our headquarters, in August 2018.
The successful deployment has encouraged us to later expand the technology into our offices in Guangzhou, China, as well as to the operations of our latest merger and acquisition with WTT and JOS.
Was the deployment an easy process? How long did it take?
Deploying Darktrace was a seamless experience from the get-go.
All it took was a 15-minute call with Darktrace to work out exactly where we wanted the technology and then the AI was set up within the hour.
Understanding how Darktrace AI worked and setting it up in our environment was fast, easy, and extremely eye-opening.
Did the system require any training for staff internally?
Minimal training was required. The Enterprise Immune System has an intuitive and easy-to-use graphical interface, which was designed by game designers. It simplifies threat visualization and investigations, allowing both technical staff and non-technical executives to easily understand the tools and its findings.
How has Darktrace met your objectives?
One of our key objectives was to deploy a solution that is capable of spotting zero-day vulnerabilities or novel threats that could have slipped past our previous defenses.
When we deployed Darktrace into our organization’s IT infrastructure, it began to learn the normal ‘pattern of life’ for our businesses and identify subtle deviations indicative of emerging threats. The AI showed us where our vulnerabilities were – these were unidentifiable by our human security experts.
We found the technology to be so powerful that we are also a Darktrace partner – sharing our experience and expertise in implementing this cyber AI with our enterprise customers.
Did you have a solution in place prior to implementing Darktrace that was replaced?
Fundamental cyber hygiene, like UTM firewalls, secure web gateway and endpoint protection, are still important.
Darktrace’s AI is there to catch sophisticated and novel threats that other tools miss – integrating seamlessly with all of them and bringing the visibility required into our vast infrastructure and dynamic environment.
If so, what are the advantages of Darktrace compared to your old solution?
Static security – tools that differentiate ‘good’ and ‘bad’ based on pre-existing rules are simply not keeping up with the pace of cybercriminals today.
The beauty of AI is its ability to handle uncertainty and change – it learns what is normal, and then relearns it, and relearns it again. It is constantly re-evaluating its assumptions. That means it can keep up with our fast-changing environment. It can make decisions in seconds between what is strange but benign, and strange but threatening.
The importance of AI was only intensified by the advent of remote working. Darktrace was the only tool that adapted with us, fully protecting our dynamic workforce. The physical perimeter around our organization dissolved, but with AI we were not constrained by partial visibility, and our security operations center continued to receive immediate, real-time warnings of truly anomalous activities.
What threats is HKBN vulnerable to that Darktrace is able to defend against?
Cybersecurity is a never-ending challenge, and no organization is 100% secure.
It is well known that the stakes are high for the telecommunications industry, if attackers were left undetected, they could slow down our IT networks or bring them down entirely.
Attacks today are fast-moving and require machine speed responses. With Darktrace AI we can proactively and comprehensively manage risk across our entire enterprise. I am confident if a threat were to emerge, cyber AI will automatically detect it.
What could be the consequences of such threats for HKBN and its customers?
Service continuity and customer data are of critical importance to us, as well as the business of our customers. That’s why we take cybersecurity as our topmost priority.
How do your customers benefit from the solution?
Cyberattacks today could cause widespread disruption – we see this in the news all too often.
Having AI technologies to detect abnormality can help protect our organization and digital infrastructure, allowing us to provide a reliable service for our customers round the clock. Darktrace’s advanced technologies help us ensure data security and uninterrupted connectivity service to all our customers – one-third of all households and one-half of all businesses in Hong Kong.Click below to share this article