“As organisations transform, it’s crucial to anticipate security blind spots”: Jill Popelka, Darktrace

“The pace of evolution in cyber threats is rapid. Bad actors are constantly creating new ways to attack and extort organisations. Human defenders can’t keep up with the pace of change we’re seeing so there is always going to be a blind spot of knowledge. That’s where a lot of the risk lives,” says Jill Popelka, CEO of Cambridge-based cyber security firm Darktrace.

It’s that framing of cyber threats as an ever-shifting entity that simply cannot be predicted that inspired Darktrace’s approach to cyber security.

Traditional cyber security models typically identify risks by referencing an index of known threats. In contrast, Darktrace uses AI-powered pattern recognition inside an organisation’s digital footprint to catch all attacks, whether known or novel, in real time.

“The AI takes an organisation, learns its patterns and constantly analyses them to the same standard as an experienced security analyst. It identifies what needs escalating or takes immediate action if it needs to, without disrupting everything else that’s happening in the business. It’s like having an additional 30 experienced security analysts on your team,” Popelka continues.

Whether the suspicious activity comes in the form of an unusual script that starts running on an in-house network, or an employee appearing to send a lot of emails at an irregular time, the learning that has taken place means Darktrace identifies anomalies as they happen.

“By looking at the cyber security challenge from a different perspective – seeking what looks different to the defender instead of focusing on the attacker – we can suddenly see issues that would otherwise be overlooked, whether that’s an attack technique that has never been seen before or an insider who's doing something you wouldn’t expect. We’ve even identified faults within operating systems for our clients that were costing them money in terms of energy usage or inefficiencies,” Popelka says.

Systemic agility is growth-ready

What this approach means is the protection is agile enough to grow as business models and their digital footprints evolve. Cloud is an increasingly important element of that, and Darktrace’s expertise has recently been augmented with the acquisition of Cado Security, a UK-based security provider that enables a forensic level of investigation and response in hybrid and multi-cloud environments.

“Our AI has long protected Cloud environments but as organisations transform their operating systems and reinvent business models around the Cloud, it’s crucial that we are anticipating potential blind spots and deepening customers’ defences, so Cado will be a great addition for us going forward,” says Popelka.

The dark side of AI

Innovation has sat at the heart of the brand since its inception in 2013, with active research and development centres both in Cambridge and The Netherlands.

Following the acquisition of the business in 2024 by Thoma Bravo, fresh investment is powering Darktrace’s innovation strategy further, with Cado’s research and development team in Bristol complementing those already in place. And while the business has over 200 patents, the advent of GenAI is keeping everyone busy, as Popelka explains.

“It said I needed some bank details urgently and gave him steps to take. Luckily, he’s savvy enough that it failed but this is an increasingly common story and it shows how varied and sophisticated attacks have become.”

Popelka’s experience demonstrates how business leaders themselves can be an unwitting infiltration vector, while the targeting of Darktrace itself is a timely reminder that no organisation is excluded from the cyber-attack arms race. GenAI has also intensified the pressure from cyber threats by allowing an increase in volume and sophistication of hacking attempts. Meanwhile subscription based tools are lowering barriers to entry through ‘Malware-as-a-Service’. These ‘do it yourself’ kits now account for 57% of attacks, according to Darktrace’s latest threat report.

“It’s just another reason why you need a fabric of security that extends as far as your organisation’s digital footprint does,” says Popelka.

Growth vs Innovation

Current Darktrace clients are as varied as the City of Las Vegas, CenterParcs, Drax Group (their first client) and Aviso - for whom in just one month the platform investigated 6.7 billion network events, saving Aviso's team an estimated 1,104 hours of manual investigation.

With nearly 10,000 customers across 110 countries and with 2,400 employees globally, Darktrace’s growth strategy is entering a new phase. The business has hired their first Chief Customer Officer and plans to double down on making the customer experience as seamless and rewarding as possible. They are pairing that refreshed approach with a focus on markets where there are large untapped audiences, which chimes with the PwC UK CEO Survey finding that 65% of UK CEOs are creating new business capabilities to address new markets. The USA is a key target within that, and Popelka is focused on staying true to what will really make the difference and ensure sustained, impactful growth.

“We have to remain collaborative and keep that living, learning culture. We all need to exhibit curiosity every day. That’s how we understand what our customers really struggle with and create innovations that fix those struggles.”