May 14, 2020

Is Your WFH Setup Hacker-Proof?

For those of us lucky enough to have jobs that allow it, working from home has laid bare many uncomfortable truths—like the fact that productivity and the presence of pajamas are inversely correlated...or that fact that cybersecurity is a pillow fort when it should be Fort Knox.

For those of us lucky enough to have jobs that allow it, working from home has laid bare many uncomfortable truths—like the fact that productivity and the presence of pajamas are inversely correlated...or that fact that cybersecurity is a pillow fort when it should be Fort Knox.

After all, we’re in the midst of a global health crisis that’s forced us to adopt a new normal. And that crisis has sent us barreling toward dependence on digital tools to both keep us informed and help us do our jobs. But with that, how should our approaches to cybersecurity change?

This week on Business Casual, we’re getting the answers from Nicole Eagan, CEO of cybersecurity company Darktrace, the first to develop an AI system to thwart cyber threats. Nicole explains why we need to shift our mindsets surrounding cybersecurity from 1s and 0s to a more holistic view.

  • Because as far as she’s concerned, hacks happen. No system is impenetrable. 
  • But what we need to think about now is how wide open our home setups are leaving corporations across the board. Face it, we don’t always use the VPN we’re told to.

Plus, Nicole adeptly illustrates how this pandemic, unpredictable and painful as it might be, is preparing us to adopt useful tech at a faster (read: better) pace than ever before. Just don’t expect AI to write these descriptions anytime soon.


Kinsey Grant, Morning Brew business editor and podcast host [00:00:06] Hey, everyone, and welcome to Business Casual, the podcast from Morning Brew, answering your biggest questions in business. I'm your host and Brew business editor, Kinsey Grant. And now, let's get into it. [sound of a ding] 

Kinsey [00:00:16] As you all know, I am recording this podcast remotely during our shared COVID-19 lockdown. It has been 57 days since I've done one of these interviews face to face. My experience is representative of everyone's. If we're lucky enough to have jobs that allow it, most of us are working remotely. There are upsides, like sweat pants, but there are [chuckles] also downsides, like the cybersecurity vulnerabilities that our new work-from-home setups inevitably lay bare. And I'm not the only one who's thought, "Huh? Wonder if my [indistinct] inside my computer is working more or less these days." Hackers spanning the spectrum, of bad to really bad, have recognized this is an unparalleled opportunity to possibly exploit our security systems and our out-of-whack psychologies. 

Kinsey [00:00:59] From February to March, there was a 569% growth in registrations of quote unquote malicious domains, trying to do things like phishing for personal data and passwords or serving malware. And the stakes are only getting higher. A single malware attack in 2018 cost more than $2.6 million. So today, to talk about cybersecurity, the unique threats that we're facing in this era, and how we can position ourselves not to fall victim, Nicole Egan, the CEO of Darktrace. Nicole, welcome to Business Casual. 

Nicole Egan, CEO of Darktrace [00:01:30] Thanks so much for having me. 

Kinsey [00:01:32] I'm excited to speak with you today, remotely or not. [laughs] This is an interesting conversation—I think a very timely opportunity to have this conversation. I'd love to explain a little bit more what Darktrace is for the people who maybe have not heard of. It's a pretty interesting company. You guys say you're the first company to develop an AI system for cybersecurity, which I'm sure we will talk about at length in just a little bit. But your mission is basically to transform the capacities of organizations, businesses, to defend what you call their quote unquote, most critical assets when they are faced with a cyber threat, which is, of course, like no pressure at all. [laughs]

Nicole [00:02:09] Yeah, we took a fundamentally different approach to cybersecurity when we founded Darktrace, in that most of the approach of cyber was always about this concept of keeping the bad guys out. And a lot of our founders came from intelligence. So think CIA, MI5. And what they realized is that if an attacker really wants to get in, they're going to get in. And you just mentioned all of those new illicit COVID-registered domains is a great example. This is just a new novel way for them to get inside. 

Nicole [00:02:47] So what we did is say, well, what if we took the assumption and said that while you should always have that protection, what if they get through it? What if they do get inside. And that caused us to think about, well, where else have we seen that before? And one of the places we've seen that actually is the human body. You know, we all have skin, and the skin mainly keeps us safe. But occasionally a bacteria or a virus does, in fact, get inside. And our immune system recognizes that that isn't normal. It's not part of us. And it has a very precise and very rapid response. And what we basically did at Darktrace was we emulated those functions of the human body's immune system in artificial intelligence to keep all of us safe from cyberattacks. 

Kinsey [00:03:35] It's so interesting to think about the concept of machine learning is so novel for so many people that a machine can mimic the way that a human learns, but that now we have computers that can essentially mimic the way that we keep ourselves healthy—or try to keep ourselves healthy. 

Nicole [00:03:49] Yeah, I think you're right, because so many times I think we hear about artificial intelligence. It's really easy to think about how it learns from the human brain. And I think this is, as I said, such a novel approach because it's thinking about how does the immune system, which is something innate, something just within us, something we don't think like, oh, I've got to turn it on in the morning. It just sits there in the background, and it's always there. It's always present. It's always working. And that is a different style of artificial intelligence than most people are used to. 

Kinsey [00:04:20] I'm sure we'll talk in a little bit more depth about the importance of AI and what you guys are doing with AI that might, I don't know, encourage this adoption of tech that we have not experienced to date. But first, I think it might be useful to better understand the kind of basic definitions of cybersecurity—of being secure online. It's more than just using an incognito browser. It's more than just having one of those camera coverings on your computer. It's a lot more than that. And it goes beyond just individuals trying to practice good cybersecurity. So explain to me what the most important aspects of being secure online are that we need to understand. 

Nicole [00:04:59] It is a very far ranging topic. And I think at, kind of at the heart of it, is this idea that everything is connected and everyone's connecting to the internet and every device is connecting to the internet. It doesn't matter if it's in our home or in our office or in our automobile. If you have a sophisticated system that connects your lights, controls your air conditioning, allows you to control anything remotely through an application, then it's connected. And all of those make up what's called an attack surface. Then, when we are allowed to go outside, there's a bunch of war attack surfaces. 

Nicole [00:05:37] I know there is a big 5G pole sitting alongside my building—that's connected. I know that the smart meter on the side of my home to report my gas consumption—that's connected. These are all just adding to the attack surface. And that's maybe a way on a personal level to start thinking about how and where you're vulnerable as an individual. 

Kinsey [00:06:03] Yeah. And this idea of the tech that is supposed to make our lives so much easier can also open us up to so much more is, I think, something that is a consequence we maybe haven't thought about as much. We think how convenient it is to have a Google home, how convenient it is to have, you know, a ring doorbell. These are vulnerabilities that we do get the advantages of these products, but we have to recognize that there are disadvantages to using them regularly. 

Nicole [00:06:30] The attackers are just looking for a way in. They don't care if they get in through your Google home, your smartphone, or your laptop, or your automobile. They just want in. And when we extend that now to thinking about now, as individuals, we also connect up to corporations or to organizations. And so now my attack service, when I'm working from home with all of those different internet connections, now I'm going to then connect up to my corporate network. 

Nicole [00:06:59] And potentially, if the bad guys got in through any of my attack surfaces, now they can leverage me to actually get into our companies' attack surface. So whether we connect to the cloud, whether we connect to the corporate network, whether we're just using our email system, the bad guys are just leveraging every attack surface to try to find the weakest link, to get inside, to get what we call a foothold into that environment. 

Kinsey [00:07:26] Now, are the opportunities for those footholds bigger with so many people working from home? I would imagine that they are. 

Nicole [00:07:32] I think you nailed it on the head. This is one of the things that happened—is all of a sudden, we had to shift—I mean almost every company overnight had to put in their business continuity plan, and the next day, literally, we're all working remote. And normally, with that kind of big digital transformation, of everyone working in an office to everyone working at home overnight, there normally would be a lot of planning and thought put into that in terms of, well, do we have security for that? [indistinct] Do we have security that's covering all of our remote workers from their home attack surfaces? But there wasn't time for that. 

Nicole [00:08:07] And we have to remember, this is also at a time where those security teams, who are usually sitting in some type of security operations center looking at big fancy screens, are now also sitting at home. So a lot of times they're having to do this remotely, maybe even through a mobile application and without access to the data center. 

Kinsey [00:08:25] So let's talk a little bit more here about the timing. If given more time we can—I think it would be fair to assume, that the security protocols put in place would be stronger. Right?

Nicole [00:08:36] Absolutely. 

Kinsey [00:08:37] So what about how we're reacting now could be a drawback. Is there a possibility that security teams are trying to create something or to create these protocols too quickly such that they're not as effective as they could be with more time? 

Nicole [00:08:51] This was unplanned for. But guess what? A lot of things are unplanned for in life. And that's what again, the attackers actually like that. They like these unforeseen, unknown opportunities. That's what they pounce upon. So what's nice, again going back to the immune system approach, is that if you have this AI that's already sitting there silently working in the background, and it knew how you worked when you were in the office. It learned what we call your pattern of life, your behavior when you were connecting to that corporate network or that corporate cloud. Well, now, when you went home, all it had to do was learn your new normal. 

Nicole [00:09:26] But beyond that, I think what we are looking at is what are these new tools that we're all using from home? We've certainly seen an increase in video meetings and video conferencing, where I feel like I'm living it all day long and you probably are as well, as are your listeners. And so whether that Zoom—we've seen all the Zoom bombings—whether that's—I know at a corporate level, GoToMeeting is used quite a bit. We've also seen an increase in usage of collaboration tools. So those are things like Microsoft Teams or Slack. 

Kinsey [00:09:59] Of all of these different tools that you just mentioned that are now becoming so much more popular in recent weeks and months, are there any that you think are more vulnerable to attack than others? 

Nicole [00:10:10] You know, all of them have some level of built in security and granted, they might be varying levels. And I think we've seen Zoom respond very quickly, for example, for any potential vulnerabilities. They added in a security feature that we could all turn on. They've added in waiting rooms, so we know who's joining. So I think we're seeing very quick responses from the video conferencing and collaboration tool vendors. I think on the other side, one of the things I look at is it's one thing that each tool has some built-in security. But when you're a security professional, you're trying to get a holistic view. So it's not enough just to have security built into each individual tool. You need the visibility and to see the big picture. 

Kinsey [00:10:56] Do you think that—I just kind of have to think in my line of work—yeah, I would hate for someone to hear this episode before it goes live, but at the end of the day, what I'm doing is eventually going to be published to the public for the most part. Very little of what I'm doing is like top secret, confidential information. But there are industries where that is the norm and that is what people are dealing with on an everyday basis. Are there any specific industries or sectors that you think are more vulnerable to these kinds of attacks, especially right now? 

Nicole [00:11:25] Unfortunately, every industry in every sector is always a target. I think one of the things that—thinking about just the customer calls I've had just this week, one of them was with one of the largest privately held medical supply companies in the United States. And they obviously became very high profile because they are making N95 masks and other critical medical supplies. And so all of a sudden, their risk profile changed overnight. Normally, medical supply companies might not have as high a profile as all of a sudden they did. So, you know, we've seen that example. 

Nicole [00:12:02] We work a lot with food supply companies and similarly in food supply—again, it's always important and it's always a critical industry, but it almost changed from being an industry we kind of think of in one way, but now all of a sudden has become overnight an essential service. And so food manufacturers are having to increase their amount of productivity and one of their plant floors has got hit right now, it would be devastating. So maybe these are ones we don't always talk about, because I think we talk more about usually the financial services sector. Obviously, healthcare now, as ever, is top of line with protecting patient information, medical devices that connect up. 

Kinsey [00:12:46] One of the things we talked about before we started recording this, when we were having a conversation about cybersecurity, is the psychology behind these attacks. There are groups of hackers who are cohorts who work together, and they are sophisticated, clearly very sophisticated. 

Kinsey [00:13:03] An interesting idea, though, is that some of these hacker groups have gone out to say we're not going to attack, say, healthcare or we're not going to attack X, Y, Z industry, because now is not the time to do that. Explain to me more what's going on there. 

Nicole [00:13:17] It was really interesting because there was a formal request actually made by the United Nations for attackers not to attack during this period of time. And that was a request that came out right as the crisis started. And I thought for a week or two that, hey, maybe organized criminal hackers and even nation states would honor that. And it's very unfortunate that that did not happen. We have seen now some responses, for instance, the Department of Justice here in the U.S., the DOJ, has said that they're going to prioritize those cases, those criminal actions, cases that relate to COVID. 

Nicole [00:14:00] Those are going to move to the top of the docket. So that's very promising to see. There's been a lot of outreach to the domain registration organizations, saying can't they do a better job of screening for these fake domains? So there's been a lot of pressure there. But if we take a step back and we look at, you know, cybercrime is big business. It's an organized global business that's worth a lot of money. And so I think what in reality happens is we started seeing these hackers are oftentimes—especially the organized criminal hackers—they actually are assigned targets. 

Nicole [00:14:39] So they'll have certain companies that they're assigned to be their target. And some of those companies had really good security when everyone was working in the office. And so now what's happening is those cybercriminals are going back and circling back around against those same targets that maybe they were unsuccessful before, knowing that there's new vulnerabilities. 

Kinsey [00:15:02] Interesting. 

Nicole [00:15:02] So it actually had the opposite effect of what the U.N. is asking for. Because the reality is this is big business. They're a very organized group of people. They have assigned targets and they're using this as an opportunity. So it's very unfortunate. It's very disappointing. It is our reality that we're living with. And I think it's something that—it's not only the organized cybercriminal level, unfortunately, our cyber AI even found a nation state-level attack a couple of weeks ago during the time of the crisis. Which again, is very unfortunate to see. 

Kinsey [00:15:44] Can you tell us any more about that? 

Nicole [00:15:46] We did publish a blog on it. There is a group and this attack happened in March of 2020. And it is a group known as APT41, which is attributed to a Chinese national, or nation state attack group. 

Kinsey [00:16:07] All right, Nicole, we are gonna take a short break. And then when we come back, talk about how we can adjust to living in this new reality. — And now back to the conversation with Darktrace CEO Nicole Egan. Nicole, like you said before, at the very beginning of this conversation, these hackers are sophisticated, attacks are sophisticated in and of themselves. We know they're gonna happen. So the reaction now should be how can we improve our own ability to combat these fights? How can we build a cyber-immune system because we're gonna get a cold someday, but we want to make sure that we don't get COVID-19. [laughs] How can we adjust? So, if you had to say what the easiest way would be for the people listening to this to adjust their own new realities of working from home, of using their work tools in their home, what's the step number one they should be taking? 

Nicole [00:16:58] I guess step number one is increase your awareness and think about what you're connecting to, what tools you're using. What else is connected in your home to your home Wi-Fi router? So increase your overall level of awareness. The second thing I'd say is the phishing attacks. Unfortunately, most of the new COVID-19 domain registrations are not to the CDC or to reputable organizations. And yet the attackers will do what's called spoofing, and they'll make it look like that's where they're coming from. For example, a recent attack actually said it was a CDC COVID-19, but it was registered to an AOL domain that was not valid.  

Kinsey [00:17:50] Hard to believe that [indistinct] is using AOL. [laughs]

Nicole [00:17:53] Exactly. So the amount of vigilance I think you have to use when you're looking in emails, you know, is this somebody who you normally deal with? Hover over the name to see the full email address. So these are types of things, I think, that we really have to be on the lookout for. You know, a conference call or video conferencing security, use a password, use a unique password each way, use the waiting room so you know who's coming in. And if you see something that says like, Caller 3, and it doesn't have a name associated with it, find out who Caller 3 is. And if no one can confirm they're Caller 3, then kick them off. Also, you know, simple tips like close down or lock down your video conference once all of the attendees who are supposed to be in are in. 

Nicole [00:18:43] And again, most of the technologies today allow us to take those steps. So those are just, I guess, some quick tips that each of us can do on a personal level to help not only protect ourselves, but remember, we're also protecting our companies, so that we're not that low-hanging fruit factor that someone used to get inside. 

Kinsey [00:19:03] I hate to be that person. Nicole, can we count on the companies whose tools we're using to put up these walls to defend us if we need them? Or should we be considering some sort of a third-party tool to use for ourselves? How much can we rely on the companies that we use to keep ourselves safe? 

Nicole [00:19:22] I think when you break down the security industry, there are some different sectors of it. And one is called the firewalls. And so firewalls are the part that's kind of trying to harden the shell around the corporate network. Well, one of the challenges right now, for better or worse with firewalls, is now where is that corporate network? It's all of a sudden sitting in each of our home offices. And so that's made it very porous and much more difficult. So firewalls still play a very important role. They're still protecting, for instance, the data center and the on-premise network. But it might be a bit challenging for them to reach out and protect each of us in our home. 

Nicole [00:20:04] The next kind of sector is very important. It's called email security. And there's a whole category called email gateways. And those are pretty much firewalls for your email system. So again, they're trying to keep spam from getting in. The way they work is they actually have a list of known bad. So they'll try to take those bad, new COVID sites and they'll try to register them as fast as they can find out that they're bad. But with the volume of them happening, it's too late to register known bad. It's just a flawed kind of approach. It's always out of date. And so that's again where the machine learning can come in, where it's not relying on predefined known bad. 

Nicole [00:20:48] And the reality is, each of us switch from tool to tool throughout our day. We're always multitasking. And so we need something that gives our security teams and our IT teams a broader purview of—almost think of it as behavioral security. How can you use machine learning to learn you? And it goes with you everywhere you go. And that's, I think, the big shift. Instead of having very kind of siloed tool-centric security, we're gonna move probably to more of a risk-based, people-based, behavioral-based approach to security. 

Kinsey [00:21:22] Interesting. Do you see this as the kind of event that would breed more of these let's get an IT department conversations? 

Nicole [00:21:29] We can enable, through artificial intelligence and machine learning, the machine to fight back itself against the attack. Even if you have the security staff and they're very talented and they're very hardworking, these seconds—these attacks, rather—can happen in split seconds. It happens faster than even an experienced security person can respond to. If you go back three or four years ago now during the Sony attack, we were talking about the fact that that attacker had been in Sony for over 200 days before they found it. 

Nicole [00:22:02] If you think about the attacks you read about and hear now, the attackers are literally—have gotten the skillset down where they can attack within an hour, within minutes, sometimes within seconds. We, in fact, stopped an attack from happening on a global manufacturing company. The attack would have taken down their entire global system and all their manufacturing plants in less than 90 seconds. 

Kinsey [00:22:28] Wow. 

Nicole [00:22:28] That's how fast, now, these attacks are moving. So we have no choice but to rely on machine learning. 

Kinsey [00:22:34] This is an interesting conversation that I want to have about when this is kind of going to stop feeling like we're in "The Matrix." But really quickly, we're gonna to take a short break to hear from our partner. — And now back to the conversation with Darktrace CEO Nicole Egan. Nicole, we've been talking about how much better artificial intelligence machine learning computers in general are at recognizing and thwarting these attacks just so much faster than humans can do it in a way that we need that speed, we need that accuracy within, like you said, 90 seconds of stopping an attack on a global company. 

Kinsey [00:23:08] So, do you think that this experience—this shared experience—is going to in any way accelerate our adoption of AI tools? I know a big speed bump to a lot of emerging technologies is just that we're not comfortable with them as everyday people. 

Nicole [00:23:25] It's a great question. And I think there's—obviously everyone's trying to figure out what the new normal is going to look like and what impact all of this has had on us. And I think that we're seeing an acceleration of adoption and machine learning and AI in certain sectors. You know, for instance, I know we're all waiting to understand when there is going to be kind of an antibody packaged up in a vaccine for COVID so we can all go back to business and the world is normal or as our new normal is. And I think we're seeing that machine learning is speeding up those processes immensely. So I think in areas around pharmaceuticals, biotech, we're seeing a great acceleration in adoption. 

Nicole [00:24:12] So I do think there are certain sectors we're going to see it speed up. I mean, similarly, I think in some of the ways we're going evolve back to normal, you know, you've probably seen the news on Google and Apple and their partnership around being able to help people understand who they've been in contact with. And I think a lot of those apps, underneath the hood, may also be using some great machine learning and artificial intelligence. So I think we are seeing, you know, in some cases, an acceleration and adoption going on. So I think in terms of cybersecurity, the interesting thing is, we [indistinct] quite some period of time, have seen an acceleration adoption initially. 

Nicole [00:24:55] Quite interestingly, and quite unusually, the defenders have actually adopted AI before the attackers. And that's a great thing. And that's kind of different than maybe a lot of people would think of. So today, we're seeing broad deployment of AI and machine learning to help keep companies safe. But what that means is, eventually the attackers are going to end up having to embrace it because the defense is getting better and better and better and better. If their attacks are successful without using AI, they'll keep going the way they're going. 

Nicole [00:25:28] As soon as those attacks—there's more manual or lower-tech automated attacks—are no longer successful because of the strong defense, they'll end up having to embrace it. And that's going to be a big shift in the industry. And quite frankly, that's probably the biggest change we will have seen in three decades in cybersecurity—is when that attack vector shifts. 

Kinsey [00:25:50] So when that shift does happen, when the AI gets into the hands of the opposite party, what's the reaction going to be from the cybersecurity industry? Is there a plan in place for when that happens? 

Nicole [00:26:02] You know, it's something that I feel isn't talked about enough. Sometimes it's easier for people to kind of want to keep their head in the sand and say that day is never going to come. But I think, you know, from our perspective, it's absolutely critical. And it's great that we've already deployed our machine learning into thousands of companies in all different sectors, all different sizes around the globe, because what that's constantly doing is making our AI algorithm stronger and smarter. And when that shift does happen and all of a sudden the attackers start embracing the machine learning and AI, our algorithms will be ready for it. 

Kinsey [00:26:41] I found, when I was preparing for this, a study that Darktrace commissioned by Forrester Consulting—77% of respondents expect weaponized AI to lead to an increase in the scale and speed of attacks. 66% felt that it would lead to novel attacks that no human could envision. What does that mean? How can we put that in context? Is 66% of respondents thinking we've got no idea what could possibly be coming a big number. Is it a small number? Was it more or less than you expected? 

Nicole [00:27:09] I think it means that this is starting to come to the surface. People are starting to think about it, but they're not feeling quite yet prepared for that eventuality. And it's an area that needs to probably be talked about in the boardroom, in the senior leadership teams, as well as in the security and technology teams of companies. The good news is, again, that there are companies, in addition to Darktrace, who use machine learning and AI. And those are the ones that are going to be in the best position to help when this attack vector shifts. 

Nicole [00:27:48] And I think in the Forrester report, where they do talk about these are attacks we may never have been able to imagine or prepare for, it's because the machine learning and AI doesn't always have to think like a human. It can start to come up with new interesting attacks that we haven't thought about. And that's why we need to have machine learning fight machine learning. AI has to fight AI. And I think there's a kind of a phrase we came up with that I think it kind of sums it up is: Never bring a human to a machine fight. [Kinsey laughs]

Nicole [00:28:25] It just fights differently. And so that's kind of in a nutshell what we have to be ready for. And this is going to evolve into a war of algorithms, and it's going to have to take really smart, really good algorithms that are ready for unknown attacks in order to defend. 

Kinsey [00:28:44] Do you think we'd be better prepared for this algorithm-on-algorithm fight for this eventuality of AI tools widespread adoption? If there were more systems in place, at least here in the United States, to get us comfortable using these kinds of tools, do you think that technological education from youth on up is good enough in the U.S. right now? 

Nicole [00:29:05] Well, I think we've been dealing with the challenge now for about seven years of how do you get people comfortable being augmented with artificial intelligence. And eventually moving into this area of autonomous response where the machine fights back. And I think that it's extremely promising, because one of the things we see is it is just a matter of building trust. And it also helps people free up time to spend on things that the machine can't do. 

Nicole [00:29:36] Maybe it's understanding business context. It's assessing bigger cyber risk. It's partnering with other parts of the business to put security into new tools and new products that the company is developing. So it frees us up. It buys us time to do those things that only humans can do. But it is a process and it is a transition. And it is about building trust. 

Kinsey [00:29:58] Right. It just—it obviously—I'm sure this is a conversation you've had many times [laughs] before, but this idea of being automated out of jobs. When I was younger, my parents had a computer guy who'd come and fix the computers if something went wrong. Now we can do that. If a problem even comes up, we can do it in a snap. Does it does that ever concern you, automating people out of security jobs? 

Nicole [00:30:22] Well, what's interesting in cybersecurity, unfortunately, there's over a million open jobs in cybersecurity on a global basis. That number is projected to grow to 2 to 3 million over the next few years. And so this has been an area where it's welcome—people are welcoming the help. Whether it be in automation, whether it's augmenting people, whether it's having the machines neutralize these threats in real-time, there's just not enough people. And it would be too hard to skill people up fast enough. And even if we did, the attacks move too fast and they outpace us. So I think this is one clear area where you're not going—you don't often or ever hear security people saying, oh, my gosh, I'm afraid of it because I'm going to be out of a job. 

Kinsey [00:31:07] So another idea that we brought up before we started this interview on the record here is this idea of productivity—that these AI tools can help people who run the business better understand the ways that their employees are using their computers, are being productive or are, on the flipside, [chuckles] not being productive. Talk a little bit more about that. 

Nicole [00:31:26] I think one fascinating thing, and I talked about how our machine learning just learns in the background and it builds this pattern of life of every person and every device that we use to do our jobs every day. And today we apply that to the problem of cybersecurity, because it is a big issue. It is a big problem. And we want to keep people and organizations safe from those threats. But one of the things that we've learned is that this pattern of life can be useful for other things. In fact, even while we're all working remotely, understanding people's patterns of life and how it changed from when they sat in an office has been really helpful and really interesting. 

Nicole [00:32:07] You know, for example, we were able to see that when we all had to work to remote work, there is a bit of a dip in productivity, right? We all probably had to set up our home office and learn all these new tools and get them installed. And so it looked almost like, I would say more like a holiday week in terms of productivity levels. 

Nicole [00:32:27] But that quickly shifted, and we were able to see that just a few days later, people were back at their normal activity work levels. So being able to understand like that or understand basic things like who's communicating to whom, how often, and what offices. You know, we've seen people use Darktrace for kind of non-security things like mergers and acquisitions. When you first put two companies together, how are they working together?  

Nicole [00:32:55] Are the people in Company A only still working with people in Company A and not in Company B? At what point do you start to see people in Company A working with Company B? And so there's lots of interesting use cases, I think, around compliance and risk, mergers and acquisitions. It's probably limitless, quite frankly, in terms of the types of things, over time, this same type of technology could be applied to. 

Kinsey [00:33:22] Right. And I imagine there are appropriate constraints put in place, but it does kind of bring up the idea of surveillance and our comfortability with being surveilled by, in this case, a boss or someone who is contracting with your higher-ups, but also a country. And it's a conversation we've had more and more in recent weeks in light of everything going on with COVID-19. Is a surveillance state the right kind of state to be [laughs] or is it wrong? What is your take here? 

Nicole [00:33:51] First of all, I think it all has to be done ethically. Second of all, I think people have to always know and have the right to know what's going on. I think in some ways, I think about this similar to email, right? When you use your company's email, you agree that's company email, right? So if you're using company systems, there probably is something very similar to that in place. But also it does mean that regulation is going to be important and machine learning and AI, everything from how different data sets are used, what data sets can be used to train what machine learning systems—that all have to be put in place. 

Nicole [00:34:27] And I think that we will see as machine learning and artificial intelligence gains more steam, is used in more broad applications, that the regulations will eventually catch up. But it also is up to us as tech companies—and as employers—to make sure that we're clearly articulating to employees how this technology is being used. 

Kinsey [00:34:49] Right. It's the onus is big when it comes to the companies who are developing these tools, because we've seen—let's take social media, for example—if an industry outpaces, in terms of innovation, the regulation that should be keeping it in check, the unwinding of that innovation is very, very difficult. 

Nicole [00:35:06] Yeah, I think that it's always hard for regulations, I think, to keep pace with technology, as it does move so quickly. And that's why I said that it also is just as important. I mean, what we're seeing, again, is the machine learning being used to keep people safe is a huge advantage over not keeping people safe. [laughs] There is always, I mean, I think in any business decision, there's a risk-reward trade-off. And what we're always seeing is people understanding that the benefit outweighs the risk. 

Kinsey [00:35:40] All right. As we wrap up part of this conversation here, I'm curious to hear, after having this entire conversation for quite some time now, do you think that companies care enough about cybersecurity right now? And do you think that your answer to that question would change in, say, six months? 

Nicole [00:35:56] It's a great question. Recently, I think, you know, there's do companies care enough? Does the government care enough? Do people care enough? There's all different levels, I think, of that. And there has been a recent government study that was published. And in some ways, I think, you know, they're saying it needs to start with the government. We need to see that government cares enough. Government's been very good at investing in offense, but not as much in helping with defense. 

Nicole [00:36:27] And so that's a shift I think we're going to see. I think at the company level, you know, it's varied, right? I mean, there are some—financial services has been ahead of the curve. They've been very advanced in terms of deploying sophisticated technologies like machine learning and AI. We have now seen that kind of go more broadly across industries. Retail and ecommerce followed suit. Healthcare is very much, and pharma is getting on board right now. But you also have law firms, accounting firms, that might not be quite there yet. And so we're really trying to work across the board with that, similar state and local governments. Education. So there's still a ways to go. But it is important for all of us to realize, for better or worse, we as individuals and our organization, regardless of industry, regardless of size, all have a responsibility and all play a role in this. 

Kinsey [00:37:22] All right. Nicole, I think that we have covered a lot here in terms of better understanding cybersecurity, what the word firewall means, [laughs] and what is at stake. 

Nicole [00:37:31] So we are now going to transition to our Business Casual wheel and do some rapid-fire questions and get-to-know-you stuff for our audience. We'll do it quickly. And since we're remote, I'll going to spin the wheel for you, if that's all right. 

Nicole [00:37:43] Absolutely. 

Kinsey [00:37:44] All right. [sound of wheel spinning] Truth or truth. Do you read the terms of service when you sign up for a new tool online? 

Nicole [00:37:53] I definitely scan them. [Kinsey laughs] I read them. But I am one of those people that, it will say, click here for terms of service, and I do because I want to see how they're structured. But not a complete legal read. No. 

Kinsey [00:38:09] OK, so scan is good enough. If it's good enough for you, I feel like it'll be good enough for our audience. All right, gonna take another spin. [sound of wheel spinning] And it landed on in or out. So are you in or out? Bullish, bearish, sold or not sold on this idea that a rapid adoption of digital transactions in the age of COVID-19 is going to lead to more fraud in terms of our bank accounts? Should we be worried? 

Nicole [00:38:36] Well, I think that I can't necessarily speak to the fraud in bank accounts, but I will say that given the amount of fraudulent COVID domains registered out there, it does increase our risk. 

Kinsey [00:38:54] All right. One more spin around the wheel. [sound of a ding] And it landed on day in the life. So what's a day in the life like for you in your work-from-home quarantine life? 

Nicole [00:39:07] Yes. Quarantine life. I'm an avid juicer. So first thing in the morning, I'm picking whether I'm having my carrot-orange-ginger juice or my cucumber-lemon-parsley juice. So I'd say that's where it starts. But I think it's important still to get exercise. That's usually my next thing—is at least grabbing a quick jump rope out on my deck. And then it's to work. And it's a long day of video conferencing, for the most part. 

Kinsey [00:39:35] Yeah. [laughs] I imagine it is. All right. Well, Nicole, that sounds like a great day and this has been a great interview. I really appreciate you taking the time to speak with us and to come on Business Casual. I learned so much. 

Nicole [00:39:47] Thank you for having me. I really enjoyed it. 

Kinsey [00:39:56] Thank you so much for listening to this episode of Business Casual. We just launched a brand-new website at You can sign up to make sure you never miss an episode. And we're really, really excited about the way that it turned out. But we want your feedback. Go to and let us know your thoughts on the new site, and I'll see you next time.