September 2024 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Cyber Threats, Network Visibility, EDR vs. SIEM, and much more.

KedronUK
Current Cyber Threats and How to Prevent Them (Blog Post)
In our increasingly digital world, cyber-attacks pose a significant threat to both individuals and organisations. Understanding these threats and learning how to protect yourself is essential. This blog post delves into some of the most common cyber-attacks, providing detailed insights and practical prevention tips.

Read the full blog here!

ExtraHop
Stop Breaches with Network Visibility. (Blog Post)
One of the biggest challenges facing security teams is that attackers know defenders can’t watch everything, particularly if defenders lack network visibility. Without network visibility, not only are organisations blind to how attackers are moving through their environment, but they also have extremely limited visibility into the systems and data bad actors are accessing.

Read more here.

Infosim
Netconf/YANG: The Future of Network Configuration. (Blog Post)
Your network’s health is crucial for keeping things running smoothly and ensuring you maintain top-notch service availability. At the heart of it all you need a smart network management solution that lets you make quick, automated configurations and stay ahead of potential issues.

One of the biggest causes of network problems? Human error from manual configuration mistakes. That’s why the tech world is constantly looking for better ways to manage networks more efficiently, dynamically, and—importantly—standardized across different systems.

Find out more here.

BullWall
Protecting the Manufacturing Industry from Ransomware Attacks. (Blog Post)
The manufacturing industry, a cornerstone of the global economy, faces a growing threat from ransomware attacks. These cyberattacks can cause severe damage, leading to costly downtime, production delays, and a multitude of other critical issues.

Read the full blog post here.

Rapid7
Proactive Visibility is Foundational to Strong Cybersecurity. (Blog Post)
Exposures are more than CVEs, so organisations need to move beyond the traditional thinking of vulnerability management to a holistic view. Part of that view must be greater visibility into devices, users, applications, and all the digital infrastructure connected to an organisation’s environment. Gaps in that view create risk exposure. Organisations must proactively identify anything that presents a risk to determine whether to act.

Read more here.

Heimdal
EDR vs. SIEM. (Blog Post)
When it comes to threat detection, it’s important to get the right tools for the job. Unfortunately, that can be easier said than done. Whether it’s a SIEM, EDR, XDR, MDR or any of a whole range of other confusing and overlapping terms, there are a lot of products on the market. EDR and SIEM solutions are two of the most common. And to add to the confusion, some companies will need both products, some need one or the other, and others neither.

Read more here, for everything you need to know about EDR vs. SIEM.

Forescout
Cybersecurity in Manufacturing: 5 Challenges to Overcome. (Blog Post)
Executing cybersecurity in manufacturing environments can feel like an uphill battle. With ransomware lurking in the shadows and supply chain risk constantly evolving, it’s easy to feel overwhelmed. Compliance regulations only add more pressure, leaving many wondering where to even begin.

Read more here.

Appgate
Another Wake-Up Call to Embrace Zero Trust Network Access. (Blog Post)
The exploitation of this SonicWall vulnerability by ransomware actors, notably the Akira group, mirrors the Ivanti VPN vulnerabilities that sent shockwaves through the cybersecurity landscape earlier this year. These incidents highlight a recurring pattern: threat actors are increasingly targeting VPNs via exposed infrastructure, shifting their focus from endpoints to the very devices meant to protect us.

Find out more here.

Kirsty Jones

Marketing Executive

Spreads the word further and wider about how we can help connect and visualise your IT Ops and Sec Ops data

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

Current Cyber Threats and how to Prevent Them

 In our increasingly digital world, cyber-attacks pose a significant threat to both individuals and organisations. Understanding these threats and learning how to protect yourself is essential. This blog post will delve into some of the most common cyber-attacks, providing detailed insights and practical prevention tips. 

1. Phishing Attacks 

Phishing attacks are deceptive attempts to obtain sensitive information such as usernames, passwords, and credit card details. These attacks often come in the form of emails, text messages, or websites that mimic legitimate communications from trusted sources.

How it works: 

  • The attacker sends a message that appears to be from a reputable entity, such as a bank, telecommunications, cloud provider, courier / postal service or other well-known company. 
  • The message contains a link or attachment that prompts the victim to enter personal information such as logon credentials or download malware. 

Prevention Tips:

  • Verify the Source: Always check the sender’s email address and look for signs of spoofing. If unsure, contact the organisation directly using a known, legitimate contact method.
  • Think Before You Click/React: Hover over links to see where they lead before clicking. Be cautious with unexpected attachments, even from known contacts. Services like Microsoft 365 and Google Workspace can add warnings to external e-mails, helping users spot phishing attempts that pretend to come from an internal colleague.
  • Use Security Services/Software: Implement email filters and anti-phishing tools to detect and block malicious messages. Alongside the standard security controls provided by email providers, third-party vendors such as Heimdal offer additional layers of security.
  • Education: Regularly train employees on how to recognise and respond to phishing attempts. Simulated phishing attacks can be run occasionally to check and maintain user awareness.
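The "verify the source" and external-sender checks above can be partly automated at the mail gateway. The following is an added example, not code from the original post or from any vendor it names; the domain, gateway name, staff list and sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this example (none of these values come from the post):
INTERNAL_DOMAIN = "example.co.uk"       # the organisation's own mail domain
TRUSTED_AUTHSERV = "mx.example.co.uk"   # authserv-id stamped by our own inbound gateway
STAFF_NAMES = {"sarah ahmed"}           # display names worth protecting, lower-case
FAILING = {"fail", "softfail", "permerror"}


def _domain(address):
    return address.rsplit("@", 1)[1].lower() if "@" in address else ""


def spoofing_signals(raw_message):
    """Return a list of reasons to distrust the sender of one RFC 5322 message."""
    msg = message_from_string(raw_message)
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(from_addr)
    signals = []

    # Replies diverted to a different domain than the visible sender.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and _domain(reply_addr) != from_domain:
        signals.append("reply-to-domain-mismatch")

    # Only believe SPF/DKIM/DMARC verdicts written by our own gateway: a sender
    # can add an Authentication-Results header of their own that claims "pass".
    trusted = [h for h in msg.get_all("Authentication-Results", [])
               if h.split(";", 1)[0].strip().lower() == TRUSTED_AUTHSERV]
    if not trusted:
        signals.append("no-trusted-authentication-results")
    for header in trusted:
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=([a-z]+)", header.lower()):
            if result in FAILING:
                signals.append(f"{method}-{result}")

    # An external address wearing a colleague's display name.
    name = " ".join(display_name.lower().split())
    if from_domain != INTERNAL_DOMAIN and name in STAFF_NAMES:
        signals.append("external-sender-uses-staff-name")
    return signals


def _message(*header_lines):
    return "\n".join(header_lines) + "\n\nPlease action today.\n"


# Constructed sample messages (headers only matter here).
SPOOFED_INTERNAL = _message(
    "Authentication-Results: mx.example.co.uk; spf=fail smtp.mailfrom=bulk.invalid;"
    " dkim=none; dmarc=fail header.from=example.co.uk",
    'From: "Sarah Ahmed" <sarah.ahmed@example.co.uk>',
    "Reply-To: sarah.ahmed@examp1e-payments.invalid",
    "Subject: Urgent supplier payment",
)
LOOKALIKE_COLLEAGUE = _message(
    "Authentication-Results: mx.example.co.uk; spf=pass; dkim=pass;"
    " dmarc=pass header.from=freemail.invalid",
    'From: "Sarah Ahmed" <s.ahmed.finance@freemail.invalid>',
    "Subject: Quick favour",
)
FORGED_VERDICT = _message(
    "Authentication-Results: mail.sender.invalid; spf=pass; dkim=pass; dmarc=pass",
    'From: "Accounts" <accounts@supplier.invalid>',
    "Subject: Invoice",
)
GENUINE_INTERNAL = _message(
    "Authentication-Results: mx.example.co.uk; spf=pass; dkim=pass;"
    " dmarc=pass header.from=example.co.uk",
    'From: "Sarah Ahmed" <sarah.ahmed@example.co.uk>',
    "Subject: Team lunch",
)

if __name__ == "__main__":
    for label, raw in [("spoofed internal", SPOOFED_INTERNAL),
                       ("lookalike colleague", LOOKALIKE_COLLEAGUE),
                       ("forged verdict", FORGED_VERDICT),
                       ("genuine internal", GENUINE_INTERNAL)]:
        print(f"{label}: {spoofing_signals(raw) or 'no signals'}")
```

The second sample passes SPF, DKIM and DMARC for its own domain, which is why the display-name check is needed alongside the authentication verdicts.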

2. Ransomware & Malware 

Ransomware is a type of malware that encrypts a victim’s files to prevent access and demands a ransom for the decryption key. Attackers may also exfiltrate the data and threaten to publicly release sensitive business information if a ransom is not paid. This attack can cripple businesses and cause significant financial losses and reputational damage.

How It Works: 

  • Ransomware typically spreads through phishing emails, malicious ads, or by exploiting vulnerabilities in software. Once executed, it encrypts files and displays a ransom note demanding payment, often in cryptocurrency. It will also try to move laterally across a network to maximise the disruption. 

Prevention Tips: 

  • Regular Backups: Maintain regular backups of critical data and ensure they are stored offline or in a secure cloud environment. Immutable backups can protect critical restore points from ransomware. Backup procedures need to be tested on a regular basis to ensure they are working as expected – do not just trust log reports!
  • Install Antivirus / EDR Software: Ensure you have reliable antivirus and anti-malware software installed and regularly updated. That said, the recent CrowdStrike outage has shown regular updates can be a double-edged sword!
  • Patch Vulnerabilities: Keep your software and systems updated to protect against exploits. A vulnerability scanner / solution such as Qualys, Tenable Nessus or Rapid7 InsightVM can help automate this process to avoid blind spots when dealing with a large IT estate. Any vulnerability with a CVSS score of 9 or more should generally be treated as a priority and either be patched or mitigated.
  • Network Segmentation: Segment your network to limit the spread of ransomware and contain potential damage. Zero Trust Network Access (ZTNA) solutions like Appgate can ensure users only have access to the applications they need, restricting the ability of ransomware to move laterally to other devices on the network. 
  • Consider Fire-Break Solutions: Ransomware containment solutions such as BullWall RC can provide a last line of defence against encryption. These solutions aim to stop a ransomware attack as quickly as possible, isolating or shutting down the infected PC(s) to minimise the impact of the attack. 
  • Examine your full supply chain and technology stack: A number of enterprises impacted by the ransomware groups which targeted the MOVEit vulnerabilities were actually affected due to the use of MOVEit by their payroll / HR software provider (TechCrunch). 

3. EOS/EOL and Unpatched Network Equipment

Patching operating systems and applications is a regular task for most businesses, with tools such as Heimdal Patch & Asset Management used to automate much of the repetitive work. However, it is also critically important to update network equipment, especially routers and firewalls which are internet facing. 

Research published this week by Vedere Labs, the cybersecurity research arm of our partner Forescout, identified 14 new security vulnerabilities in 24 models of the popular DrayTek Vigor network routers/firewalls. Around 785,000 impacted devices have been identified globally, with 20% of these considered to be End of Life (EOL) and 43% End of Support (EOS). 

Thankfully, DrayTek have provided firmware updates for EOS/EOL routers. 

How It Works: 

  • Attackers use automated tools such as Shodan to scan the Internet for exposed devices with out-of-date firmware. 
  • Once located, attackers will have scripts ready to exploit the security bugs.
  • The attackers may use the device to launch DDoS attacks as part of a botnet, intercept traffic or penetrate the private network behind the firewall/router to deploy ransomware.

Prevention Tips:

  • Patch Firmware: Where possible, subscribe to vendor email notifications to automatically receive alerts for new firmware releases. More importantly, arrange appropriate maintenance windows to install the updates, especially where they contain security fixes.
  • Replace End of Life (EOL) Equipment: Critical network infrastructure which is EOS/EOL and thus unsupported should be replaced. Even though the equipment may continue to work fine without support by the vendor, the lack of updates means rushing to replace a device when an exploit is found and widely abused. Not all vendors will produce patches for old equipment as DrayTek has!
  • Remove or secure public management access: Although convenient for remote support, exposing router, firewall or other management interfaces directly to the Internet should be avoided wherever possible. The DrayTek research found over 704,000 devices with the management UI exposed to the Internet.

Conclusion

Understanding these common cyber-attacks and implementing robust security measures can significantly reduce your risk. Stay informed, stay vigilant, and prioritize cybersecurity to protect yourself and your organisation from these pervasive threats.

As an independent specialist consultancy working with leading cyber-security vendors, KedronUK can assist enterprises in addressing gaps within their security tooling from EOL device management through to ransomware containment solutions.

For more information on our full product portfolio, please contact us, or email our sales team at sales@kedronuk.com

Streamlining Efficiency Part Two: A Dive into our Latest Automation Project

In Part One, we discussed how many organisations are hesitant to disrupt existing technical workflows, even though they may now be extremely inefficient. However, this mindset can be a barrier to progress and innovation, potentially costing time and money.

While certain processes may appear functional on the surface, they may still harbour inefficiencies or limitations that could be addressed through automation. By challenging the status quo and being open to change, organisations can uncover hidden opportunities for improvement and unlock new levels of efficiency and effectiveness.

In this second part of our mini blog post series, we will explore how even seemingly “unbroken” processes can benefit from automation, demonstrating the value of a proactive approach to innovation, as highlighted by a recent automation project with a manufacturing company in an industry dating back to the 19th century.

An open-minded, collaborative approach is essential for successful automation projects, especially in network management. By focusing on objective evaluations of workflows and processes, stakeholders can identify areas for improvement and implement solutions effectively. This approach was exemplified in a recent automation project carried out by KedronUK for a manufacturing company, where a clear focus on process evaluation led to significant improvements.

In the first part of this series, we outlined the project’s focus, highlighting three main elements:

1. Mitigating Ticket Proliferation in IT Service Management
2. Workflow Automation for Manual Tasks
3. Efficient Ticket Generation for the NG Firewall Platform

Let’s dive into the second focus area:

Workflow Automation for Manual Tasks

Many of us perform tasks regularly that we know could be more efficient, but the old saying comes to mind; “I don’t have time to stop to get on my bike,” or in other words, “I’m so busy with the task at hand, that I don’t have time to stop and improve the process.” Double, or even triple entry, is a common example of this inefficiency.

I was talking with a new potential customer today, who manages a network supporting over 30,000 employees. When asked if they find themselves double-entering data between their CMDB and the NMS platform, they responded as expected: “Integration would be great, but we just don’t have that level of automation, and we don’t seem to be able to find the time to implement it.”

Our existing manufacturing company customer faced a similar situation. They used one system for ordering, another for CMDB, another for discovery and management, and another for ITSM, with users manually entering information at each layer. Additionally, vital information often wasn’t migrated between systems due to the manual workload. Such data would be extremely useful in the event of an incident or service assessment.

While this scenario can be politically sensitive, the benefits of a consistent, up-to-date flow of data from source to end-point, without the bottleneck of manual entry, are clear.

The first step was to identify what data was needed, where it was needed, and what the entry point for that data was. The goal was for an alarm produced by the NMS platform to generate a ticket in the ITSM platform, automatically, with all the required details to triage the ticket, such as:

• Hostname
• IP Address
• Serial Number of all FRU components
• Services affected
• Service Status
• Device Criticality
• Asset Value
• End of Life Status
• Site Information
• Rack and U location
• Site access details
• Service Contract Status
• Support Contact Numbers
• SLA information
• Root cause Alert detail (what’s wrong)

As can be deduced from the list, the source of each data point was spread across several different platforms.

The second step was to identify the unique identifier between platforms to link the data sets. For example, the unique identifier between the ordering platform and the CMDB was the device serial number, and between the CMDB and the IPAM system, it was the hostname.

Using TOTUUS®, a data framework solution with capabilities such as CMDB and ETL, we configured several data connector APIs. The customer CMDB was configured to send new or updated device information to TOTUUS®. A listening (PUSH) connector (DCx) was configured in TOTUUS® to receive this data, ensuring secure communication with tokenised URLs.

Upon receiving data from the customer CMDB, the PUSH DCx matched the data internally with a unique identifier, updated the local CMDB, and executed secondary DCx’s to connect to other platforms for additional data augmentation.

StableNet® (the NMS platform) by InfoSim was configured to regularly discover additional asset information against the TOTUUS® CMDB. Another TOTUUS® DCx was configured to extract relevant information from StableNet® after asset discovery, such as device end-of-life details and configuration policy status.

Finally, a TOTUUS® DB Object was configured, allowing the customer CMDB to pull detailed information of interest back to maintain up-to-date information.

With all required data in one place, an alarm script in StableNet® was configured to augment alarm details and send the necessary information to the ITSM platform, automatically creating an ITSM ticket, with the required level of detail.

This engagement resulted in data being entered once, at its point of origin, and automatically collected and passed to secondary systems, augmented en-route, and collated at its destination. This reduced errors, data bottlenecks, and time spent understanding required information during incidents, significantly reducing MTTR.
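The matching and augmentation steps described above can be sketched as follows. This is an added example, not KedronUK, TOTUUS® or StableNet® code; the function names, field names, token and records are hypothetical and constructed for illustration. It links the ordering data to the CMDB by serial number and the CMDB to IPAM by hostname, as in the post, and reports any fields it could not source.

```python
import hmac

# Constructed sample data standing in for the separate platforms.
ORDERING = {"FDO2345X1AB": {"asset_value": 4200, "contract_status": "active"}}  # keyed by serial
IPAM = {"man-core-sw01": {"ip_address": "10.20.0.11"}}                          # keyed by hostname
LOCAL_CMDB = {}  # hostname -> record, filled by receive_push()

# Hypothetical shared token carried in the push URL; a real deployment would
# load it from a secret store and only accept it over TLS.
PUSH_TOKEN = "constructed-token-not-a-real-secret"

TICKET_FIELDS = ("hostname", "ip_address", "serial", "site", "rack",
                 "criticality", "asset_value", "contract_status")


def norm_serial(value):
    # Serial numbers are often re-typed with stray spaces or in lower case.
    return value.strip().upper()


def norm_host(value):
    # One platform may hold an FQDN while another holds the short name.
    return value.strip().lower().split(".")[0]


def receive_push(url_token, record):
    """Accept a CMDB update only if the URL token matches (constant-time compare)."""
    if not hmac.compare_digest(url_token.encode(), PUSH_TOKEN.encode()):
        return False
    host = norm_host(record["hostname"])
    LOCAL_CMDB[host] = {**record, "hostname": host,
                        "serial": norm_serial(record["serial"])}
    return True


def build_ticket(alarm):
    """Augment an NMS alarm with everything the linked records can supply."""
    host = norm_host(alarm["hostname"])
    ticket = {"hostname": host, "root_cause": alarm["detail"]}
    cmdb = LOCAL_CMDB.get(host, {})
    ticket.update({k: cmdb[k] for k in ("serial", "site", "rack", "criticality")
                   if k in cmdb})
    ticket.update(IPAM.get(host, {}))                         # hostname links CMDB to IPAM
    ticket.update(ORDERING.get(cmdb.get("serial", ""), {}))   # serial links CMDB to ordering
    # Name the gaps instead of raising a ticket that silently lacks detail.
    ticket["missing"] = [f for f in TICKET_FIELDS if f not in ticket]
    return ticket


# Constructed CMDB pushes.
CORE_SWITCH = {"hostname": "MAN-CORE-SW01.corp.example", "serial": " fdo2345x1ab ",
               "site": "Manchester DC1", "rack": "R12/U18", "criticality": "high"}
EDGE_ROUTER = {"hostname": "stk-edge-rt02", "serial": "JAE9999Z0ZZ",
               "site": "Stone", "rack": "R01/U04", "criticality": "medium"}

if __name__ == "__main__":
    print(receive_push("guess", CORE_SWITCH))       # rejected: wrong token
    print(receive_push(PUSH_TOKEN, CORE_SWITCH))    # accepted
    print(build_ticket({"hostname": "man-core-sw01", "detail": "PSU 2 failed"}))
```

The `missing` list is the useful part during rollout: it shows which identifiers fail to match between platforms before an incident depends on them.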

In the final segment of this blog series, we’ll continue exploring facets of network management automation, with efficient ticket generation for the NG Firewall Platform.

If you would like to discuss an Automation or Consolidation project, please contact phil.swainson@kedronuk.com.

May 2024 Industry Insights!

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Disruptive Cyber Technology 2024, Cybersecurity platforms you should know about, and much more.

KedronUK
SOCial Cricket Event: Disruptive Cyber Tech 2024 (Blog Post)
Our first #NoSalesPitch event of 2024 saw the KedronUK team heading north into central Manchester. The No Sales Pitch format was a great success last year, with ten-minute presentations from five security vendors to keep things moving and interesting. With Sixes Manchester as the venue, there was the chance for networking over food and drink, along with some virtual cricket fun after the presentations had finished.
Read the full blog and download presentation slides here!

ExtraHop
Change Healthcare Ransomware Attack Represents Every CISO’s Worst Nightmare. (Blog Post)
The February 2024 ransomware attack on Change Healthcare is a perfect example of the kind of black swan cyber event that every CISO quietly dreads and prays will never happen: a devastating cyberattack that exposes the sensitive data of millions of customers, paralyzes an entire industry for weeks, and eats away at a company’s earnings for quarters and years to come.
Read more here.

Infosim
StableNet Innovation Lab – One Year of Open Innovation. (Blog Post)
With StableNet Innovation Lab, Infosim have created a driver for open innovation and given innovation management at Infosim a stronger structure and direction. The focus lies on the network management market and their StableNet solution as well as on researching best practices and transferring them to real applications.

One year after the launch of the lab, a lot has changed and new additions have been added. In this blog post, Dr. David Hock gives an overview of the past year and an outlook on what to expect in 2024.
Find out more here.

Keysight Technologies
Decoding DNS Water Torture: Exploring DDoS Attack Patterns and Traffic Analysis. (Blog Post)
In the ever-evolving landscape of cybersecurity threats, Distributed Denial of Service (DDoS) attacks act as powerful weapons used by attackers to disrupt online services and infrastructure. Among the multitude of DDoS attack methods, one that stands out for its cunning strategy and relentless impact is the DNS Water Torture attack.
Read more here.

Rapid7
AI Trust Risk and Security Management: Why Tackle Them Now? (Blog Post)
In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority. As AI technologies integrate more deeply into our daily operations and services, they bring a set of unique challenges that demand a robust management strategy: The Black Box Dilemma, Model Fragility, Easy Access, Big Responsibility, Staying Ahead of the Curve.

Our TRiSM (Trust, Risk, and Security Management) framework isn’t merely a component of our operations – it’s a foundational strategy that guides us in navigating the intricate landscape of AI with confidence and security.
Read more here.

Heimdal
11 Cybersecurity Platforms You Should Know About (2024). (Blog Post)
There’s growing evidence that organisations are consolidating their cybersecurity tools. One survey found that 60% of companies are looking to reduce the number of point solutions they use. And it’s not just about saving money – the top driver was in fact about improving usability.

Cybersecurity platforms are meeting this demand. By bringing most – if not all – of your cybersecurity tools into one environment, you can consolidate your activities into one robust platform.

In this article, you’ll learn about 11 of the best cybersecurity platforms currently available.
Find out more here.

Forescout
Beyond Bullet Holes: Unveiling Cybersecurity’s Hidden Risk Exposure. (Blog Post)
The art of risk assessment has long been a crucial element of military strategy and decision-making – and it remains critical to today’s best practices in cybersecurity defense. Abraham Wald, a mathematical genius, played a pivotal role in revolutionizing the understanding of hidden risk and exposure with his innovative work on aircraft survivability. During World War II, the US air force wanted effective methods to protect aircraft against enemy fire. Wald’s innovative approach stood out.

Wald’s ‘survivorship bias’ methodology offers a compelling analogy for today’s risk management. We need to think more strategically to gain a deeper understanding of risk – and not allow selective ‘success’ filters to dissuade the mission. It’s time to accept there are hidden risks from limited visibility – and that hidden risks are a persistent threat to business and to human safety.
Read the full blog post here.

SOC-ial Cricket Event: Disruptive Cyber Tech 2024

Our first #NoSalesPitch event of 2024 saw the KedronUK team heading north into central Manchester. The No Sales Pitch format was a great success last year, with ten-minute presentations from five security vendors to keep things moving and interesting. With Sixes Manchester as the venue, there was the chance for networking over food and drink, along with some virtual cricket fun after the presentations had finished.

Zero Trust – Forescout
Phil Swainson, KedronUK’s Head of Technology, was compere for the afternoon. After a brief overview of KedronUK, he introduced our first presentation from Keith Gilbert of Forescout. Keith talked about Zero Trust (ZT), focusing on the steps required to begin the journey to a ZT world. We know from speaking to many enterprises, there’s a lot to consider when starting out with ZT and proper planning is essential. Using the NIST 800-207 document entitled “Zero Trust Architecture” as a guide, Keith outlined the key system components such as Policy Enforcement Points and Policy Decision Points, plus how these interact with the “data plane” of users and systems.

Ransomware Containment – BullWall.
In the IT security arena, ransomware remains an ongoing threat to businesses of all sizes. Whilst the exact attack techniques and methods evolve, the risk of severe business disruption remains. BullWall Ransomware Containment (RC) is an innovative but lightweight solution to provide an extra layer of protection. To use an analogy, an IT datacentre or large building will have a sprinkler or fire suppression system which will trigger in the event of a fire. The job of the sprinkler system is not to stop the fire from happening in the first place but to extinguish the fire as quickly as possible. Andrew Grant outlined how BullWall RC offers the same solution for ransomware – other security tools will hopefully block and prevent as many attacks as possible but in the worst case, it will automatically trigger and stop the ransomware.

Breach & Attack Simulation – Keysight.
The ever-expanding IT security market means new vendors and new products appear almost daily. Analysts will identify attack vectors which need tools to protect against, but what about the existing security tooling you have deployed? Kevin Berry from Keysight showed how a Breach & Attack Simulation (BAS) tool can fit into your security testing plans. Whilst it is a new tool (somewhat ironically), BAS is not about directly filling a gap or replacing an existing tool, but helping you understand how your existing security solutions are working. With regular updates from the Keysight Application & Threat Intelligence (ATI) team, Keysight ThreatSim helps you validate your existing security policies and posture to ensure they are providing the best possible protection against the latest threats. BAS complements point-in-time tests such as penetration testing, which are performed perhaps annually or six-monthly, as well as frequent scans from vulnerability management tools such as Tenable Nessus.

API Security – NoName.
Our newest vendor partner is NoName Security. API security continues to gain focus for CISOs and other security practitioners. As far back as December 2021, Gartner predicted that APIs would become the top attack vector. As an example, the recent (May 2024) Dell data breach saw an attacker use a poorly secured and non-rate limited API to extract the details of around 49 million customers. As a market leader in API security, David Moss outlined how the key pillars provided by Noname cover Discovery (what is my API estate?), Posture (how many of those APIs have vulnerabilities or are mis-configured?), Runtime (who is attacking my APIs?) and Testing (finding potential vulnerabilities during development).

Network Detection & Response – ExtraHop.
The “Need for Speed” was the theme of the last presentation from Kyle Francis of ExtraHop. IT teams are always under pressure to work faster. Security threats need to be detected and contained quicker, whilst outages must be resolved quicker to avoid costly business disruption. However, incomplete data, blind spots and too many complex interfaces hinder the investigation and resolution process. As a Forrester Wave (Q2 2023) leader for Network Analysis and Visibility, ExtraHop can help enterprises eliminate blind spots and detect issues and anomalies in real-time, ultimately reducing investigation to drive quicker, positive, outcomes.

With the presentations complete, the bar opened, food was served and the cricket began. Across the two nets, the best attendee on each screen stepped forward at the end for a competition to win an Oculus VR Headset! The runner-up didn’t miss out though, receiving a £75 voucher to return to a Sixes cricket venue near them…

We received some great feedback from the attendees at the event. From speaking to them, the key takeaway from the afternoon was that whilst not every tool presented is the right fit for every organisation (perhaps due to size, budget or security maturity), the format is an excellent way of getting a view of current security trends and risks. Finally, a number of attendees noted how the workload for IT teams is unrelenting, so “light-touch” tools (such as BullWall RC) which can quickly enhance security with a low management footprint are extremely attractive.

To find out more about each technology discussed, take a look at our SOCial Cricket Event Presentation Slides here!

April 2024 Industry Insights!

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Ransomware, Increasing Modularisations, Network Visualisation, and much more.

KedronUK
Streamlining Efficiency: A Dive into our Latest Automation Project (Blog Post)
Read our latest blog post from Phil Swainson where he explores how even seemingly ‘unbroken’ processes can benefit from automation, demonstrating the value of taking a proactive approach to innovation.

We find it hard to believe we are marking over two decades of success in the ever-evolving IT industry, so we wanted to take a look back and share with our customers where it started, what has changed and where we think we will be going next!
Read the full blog here!

ExtraHop
Ransomware is About to Get Worse. Much Worse. (Blog Post)
If your organisation got hit with ransomware, what would you do? Would you pay the ransom?

As ransomware attacks once again take centre stage in cybersecurity, more and more organisations are opting to pay the ransom: 91% of security and IT decision makers surveyed on behalf of ExtraHop say they made at least one ransom payment in 2023, up from 83% in 2022, according to the 2024 Global Cyber Confidence Index.
Read more here.

Infosim
The Importance of Increasing Modularisations StableNet® Development. (Blog Post)
Network management software is tasked with oversight of complex network infrastructures comprised of a wide array of vendors, technologies, and innovations. Artificial intelligence and machine learning, novel approaches to data visualisation, the proliferation of IoT, telemetry… the list of tasks for a truly holistic and integrative solution are daunting indeed.

In this blog post, we will explore the myriad benefits of modularisation, focusing on its ability to simplify updates, foster specialized expertise, and pave the way for a more adaptable and forward-thinking approach to our unchanging commitment: the never-ending improvement of StableNet®.
Find out more here.

Keysight Technologies
Five Surprising Benefits of Network Visualisation. (Blog Post)
In the dynamic world of modern technology—where the intricacies of network systems continue to evolve at a rapid pace—the role of network visualisation stands as a game-changer in unravelling the mysteries of network modelling. Network visualisation provides a real-time view of network traffic and resource utilisation and can be used to identify bottlenecks, inefficiencies, and potential security vulnerabilities. Throughout this blog post Keysight delve into five surprising advantages that network visualisation brings to the realm of network modelling.
Read more here.

Rapid7
The Business of Cybersecurity Ownership. (Blog Post)
Cyber ownership can often be overlooked or misunderstood within an organisation. Responsibility and accountability should not rest solely on the CISO’s shoulders. And while the IT department will also have a role to play, security responsibilities must be ingrained in the culture of the entire organisation. They should include each responsible asset owner, not forgetting that data is also an asset.
The more eyes there are on security within your business, the greater the ability of your cyber teams to strive for increasing levels of maturity and a stronger overall security posture.
Read more here.

Heimdal
SharePoint Flaws Could Help Threat Actors Evade Detection Easier When Stealing Files. (Blog Post)
Two methods that researchers have found might allow attackers to get around audit logs or produce less serious entries when they download data from SharePoint. Due to the sensitivity of SharePoint data, a lot of businesses audit sensitive occurrences, such as data downloads, to set off alarms in security information and event management platforms (SIEMs), cloud access security solutions, and data loss prevention tools.

Two easy methods that users can employ to get around SharePoint’s audit logs or create less sensitive events by downloading data in a certain way or passing it off as data synchronization operations have been developed by security experts.
Find out more here.

Forescout
The Global Threat Evolution of Internet-exposed OT/ICS. (Blog Post)
Operational technology (OT) and Industrial Control Systems (ICS) are core parts of an engine fuelling critical infrastructure in industrialised nations worldwide. Water treatment facilities. Wastewater plants. Electrical transmission and distribution hubs. Nuclear power and manufacturing plants. Energy pipelines.

Over the years, these traditional technologies have become more connected and integrated to information systems that use the internet – opening them up for more efficient monitoring and automation of operational processes.
Read the full blog post here.

BullWall
Ransomware Prevention Best Practices. (Blog Post)
In an era that features constant cybersecurity threats that are increasingly complex and continually evolving, combating ransomware remains one of the most daunting challenges many organisations face. Though we understand that complete ransomware prevention is not possible, we are aware that having a well-executed list of best practices can significantly mitigate risks associated with a ransomware attack. Throughout this blog BullWall highlight some of the many different layers available to help your organisation avoid and mitigate the impact of a ransomware attack.
Read more here.
