Sir Robert McAlpine is countering the growing threat of cyber attacks with self-learning AI technology.
Sir Robert McAlpine has more than 2,000 employees and operational hubs across the UK, and was facing a threat from sophisticated phishing attacks that targeted it on an almost daily basis. Many of these advanced email attacks often purport to be from trusted third parties, such as suppliers.
To guard against these threats, Sir Robert McAlpine sought a technology that could go beyond conventional, rule-based email security, and intercept subtle email attacks that would otherwise have been delivered to unwitting company employees, according to BIM+.
It turned to cyber security specialist Darktrace and deployed its Antigena Email, which uses self-learning AI to learn the ‘pattern of life’ for every user in an organisation. By understanding the human behind the email, rather than relying on historic data from known threats, Antigena Email can identify and stop malicious email activity – before it reaches the user.
On average, the technology successfully interrupts 18,000 email threats per month at Sir Robert McAlpine.
“The standard email gateways just weren’t delivering for us,” said Andy Black, chief information security officer at Sir Robert McAlpine. “With Antigena Email, we can trust the technology to just do the job for us – we let it run in the background to autonomously contain malicious activity and enforce ‘business as usual’. By working in tandem with AI, we now have more time to do the most meaningful security work as opposed to reactively fire-fighting every single alert.”
Toby Lewis, head of threat analysis at Darktrace, added: “The construction sector, like so many others, has been impacted by a rising level of cyber attacks, especially over the last 18 months. In particular, the sector is at risk from spear phishing attacks that exploit a mobile workforce, ransomware, fraudulent write transfers, business disruption and corporate espionage.
“Artificial intelligence is able to stop threats in real-time before they escalate into attacks and crucially before any data is leaked or disruption is caused.”