Virgin Trains implements early threat detection tool

Virgin Trains has implemented security software that allows it to monitor its IT network and identify threats and disruption to customer service early.

The software is from Darktrace, a Cambridge-based cyber security company that was the first firm to receive investment from Invoke Capital, the $1 billion technology fund vehicle set up by Autonomy founder Dr Mike Lynch.

Virgin Trains has implemented Darktrace's Enterprise Immune System technology to monitor its network traffic on a 24/7, real-time basis.

Darktrace offers an approach to cyber defence based on mathematical research out of the University of Cambridge, which begins with the premise that a network has already been infiltrated and that some of the risk might come from a company's own employees.

Using 'self-learning' technology, Darktrace forms an adaptive, probabilistic understanding of Virgin Trains' information environment, including the behaviour of its users, devices and networks. It then alerts the company to any deviations from its normal 'patterns of life' as soon as they occur.

"Darktrace is a game-changer because now we have a baseline of how our users, devices and network operate and how that changes over time with our business. As opposed to SIEM-based [Security Information and Event Management] retrospective approaches, Darktrace's cyber intelligence platform and Threat Visualizer interface provide us with absolute visibility into what is happening in real time," said Louis Kangurs, IT network manager at Virgin Trains.

"We can now pinpoint and target our security resources and spend much more intelligently."