
What does Skynet need money for?
British AI-powered infosec biz Darktrace is to go public in England's capital city, the company told the London Stock Exchange this morning. Sky News reported last night that chief exec Poppy Gustafsson is expected to make around £20m from the initial public offering, with shares trading on Darktrace expected to open “at …
According to Wikipedia "Darktrace was founded in 2013, in a collaboration between British intelligence agencies and Cambridge University mathematicians." but these former HP people keep calling themselves "founders" which raises a few questions doesn't it?
When I searched I found an interview with this Poppy Gustafsson, but it was unenlightening because she spewed out a bunch of generic management buzzwords, so I have no idea whether she is capable of tying her own shoelaces or not.
The whole set up seems like some sort of scam to me.
The Cambridge University mathematicians founding bit could be entirely [citation needed]? Copied around from article to article and not challenged because it sounds good..
Some of the HP/Autonomy guys founded it. Several of them do have decent degrees in maths just not from Cambridge - Poppy included, though I cannot tell you whether she took the topology modules, and she appears wearing slips-on mostly. They located it in Cambridge and apparently recruited at least some Cambridge Uni students but I can't find who. It'd be interesting to know whether the genesis of the software is in some interesting research group's publications or whether they're mostly grabbing recent comp sci graduates and having them take their deep learning textbooks back off the shelf (and then code something that looks like an 80s expert system?).
I'm sceptical of everything AI having burned through my own hype for it years ago and seen it too often used as a blank slate for drawing unfulfillable fantasies on. But that's not to say whatever this company is doing is useless. They do have some really nifty graphics. If all they achieve is gamifying network security and making spotting intruders fun then that'll be a win on it's own.
Not saying it's a poor product, LOOKS great but we found the marketing / sales staff unhelpful. They wanted to put a device on our network to analyse traffic THEN give us a quote - sorry not interested.
They genuinely didn't get why a public sector organisation dealing with highly sensitive information would want more detail on what the product would do, how much it would cost etc before spending time/resources for a pilot.
I explained this repeatedly to various sales staff (seemed to have a lot of turn over at the time) and each time got the same canned answer around "it's best if we can look at the quantity of traffic etc etc before quoting" so I'd ask for a very rough estimate, hell even a guess - always difficult to get any sort of even vague answer from them.
I don't see how anyone ends up with the product with this sort of tactic being used unless the execs are being greased.
At Last, we can get rid of the pushy sales people.
Darktrace is a only an IPO company. It has a useless product with a very aggressive marketing/sales strategy. The whole purpose of Darktrace was to ride the Cyber Security purchasing bubble by making CFO's believe they are buying cutting edge sexy technology, then IPO the business, make some people very rich, and either just get bought out or just run down the business until it disappears.
Most real security people see through the smoke and mirrors of their sales pitch and the "AI" which will magically understand your business and be able to filter out bad/good traffic.
Is the fundamental product any good? As I understand it the claim is that by using "artificial intelligence"/"machine learning" a lot of the traditional heavy lifting of conventional cyber security consultancy can be avoided. The various sensors that are placed in a client's system monitor traffic and decide what is normal. Anything abnormal is flagged for attention.
Problem number one: many businesses and organisations are seasonal so that it will take at least a year and possibly two or three before you can feed the machine learning system with enough data to make decisions. How, for example, would such a system have coped with COVID where suddenly there would have been a huge amount of remote accesses and homeworking?
Problem number two: most organisations are constantly developing new services and systems - all the time that your monitoring system is trying to work out what is normal.
Problem number three: any alert system such as we already have for intrusion detection systems is heavily dependent on the sensitivity settings. Too sensitive and you get many false positives; too insensitive and the bad guys get in unannounced. So you require a lot of humans to make judgements as the system produces alerts.
Darktrace seems to be a heavily marketing orientated operation and may account for success by selling to the ignorant.