Databricks is pushing into the cybersecurity arena with the launch of Lakewatch, its new Open Security Lakehouse. This platform is engineered to address the escalating complexity of modern cyber threats, particularly those amplified by AI.
National Australia Bank (NAB), a critical infrastructure entity in Australia, has been a crucial design partner in Lakewatch's development. The bank's role highlights the need for robust security solutions in the financial sector, where defending against sophisticated adversaries is paramount. NAB ingests over 30TB of security data daily, underscoring the scale of challenges faced in financial institution cybersecurity.
The AI-Driven Threat Landscape
Sandro Bucchianeri, NAB's Chief Security Officer, emphasizes a threat-informed approach, focusing on understanding adversary tactics to stay ahead. This proactive stance is essential as adversaries increasingly leverage AI for faster, more scalable attacks. Staying ahead requires advanced analytics and AI-driven workflows to improve correlation and automate responses at speed, a challenge exacerbated by AI-enabled cyber threats.
Databricks' existing enterprise data platform relationship with NAB provided a natural foundation for this security initiative. The goal is to enable more sophisticated threat detection by analyzing broader enterprise datasets.
Co-Innovation for Real-World Needs
Lakewatch is positioned as the industry's first Open Security Lakehouse, born from direct collaboration with organizations like NAB. The platform aims to provide a turnkey security operations workflow built natively on the Lakehouse architecture. This approach integrates real-world security operations expertise with Databricks' data and AI capabilities.
NAB's involvement, drawing from its experience in one of the world's most targeted sectors, helps shape Lakewatch into an AI-era ready solution. The platform promises advanced analytics for enterprise-wide signal correlation, enabling proactive threat hunting at scale. It also supports AI-enabled cyber defense across the entire workflow, from ingestion to response.
Andrew Krioukov, GM of Lakewatch, stated, "The ability to work in collaboration with Databricks to shape a product to meet the needs of cyber defenders into the future is what excites us." This collaborative development ensures the platform is not only technologically advanced but also grounded in practical operational needs, aiming to provide a new, industry-leading capability for security operations platforms.
