
The Copperbelt Energy Corporation Plc (CEC), a member of the Southern African Power Pool and listed on the Lusaka Securities Exchange, is a Zambian-incorporated power transmission, generation, distribution and supply company and a major developer of energy infrastructure in Africa. Respected for its skills in designing and operating transmission systems, CEC owns, operates and maintains power transmission, generation and distribution assets servicing customers in Zambia and the DRC, and is one of the largest international power traders in the region.

With our previous security stack, we only got to know about an incident once the damage was done. Now with Darktrace, it does all the analysis and remediation for us in real time, and we are able to receive notifications of certain events wherever we are.

– Choolwe Nalubamba, Head of Telecommunications and Information Systems, Copperbelt Energy Corporation Plc

The Challenge

As a leading player in the energy and utilities space, the main concern for the Copperbelt Energy Corporation Plc was safeguarding its complex OT infrastructure. Due to the high visibility on both the OT and the IT networks, its operating machinery had become vulnerable to new vectors of attack. Whether indirectly compromised through disruption to the corporate network, or targeted by an ICS-specific attack, any disruption to the company’s SCADA network would have resulted in significant financial and reputational loss.

Complicating this task was the overwhelming amount of digital information Copperbelt Energy Corporation Plc’s small team of security analysts was faced with on a daily basis. Scouring through hundreds of alerts was a time-consuming, laborious process. “We were very reactive to potential threats to the business, and that reactiveness was extremely slow,” explained Choolwe Nalubamba.

“If an incident were to happen when we left the office, we would only find out about the attack once the damage had already been done.”

The team was looking for anomaly detection on both the OT and IT networks, and for something that would autonomously and intelligently respond to "threats". No serious attacks were recorded before a solution was found; however, configuration and policy shortcomings were rampant on the network.

The Solution

After a 30-day Proof-of-Value, Copperbelt Energy Corporation Plc deployed both the Industrial Immune System and Darktrace Antigena to cover its OT and IT systems. Like the human immune system, Darktrace’s core technology uses cyber AI to learn what’s normal for its environment, analyzing patterns in behavior for every user, device, and controller. From this baseline, it identifies abnormal activity indicative of a threat or vulnerability as it emerges. Beyond simply raising an alert to the security team, Darktrace Antigena then takes action to respond autonomously, neutralising malicious activity within seconds of the threat being identified. Notifications of Antigena’s actions are delivered via the Darktrace Threat Visualizer and the Darktrace Mobile App, with the security team now receiving alerts as soon as an incident takes place. “Darktrace does all the analysis and remediation for us in real time, and we are able to receive notifications of certain events wherever we are.”

The Result

The value of the technology was instantly recognized for both its ability to identify novel threats and vulnerabilities as well as function as a force multiplier – augmenting the capabilities of the existing security professionals. The team has gone from being reactive to proactive, taking necessary action before an incident can escalate into a crisis. The security team has also benefited from increased visibility of its OT network, including complete oversight of the connections between its IT and OT systems. Darktrace shines a light into every corner of the network, displaying Copperbelt’s OT, IT, and IoT in a unified view. “We ‘see’ everything now - ranging from policy violations to active attacks. This provides us with peace of mind that our systems are now much more secure than what it was.”

*Originally published here on
