Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on The Dangers of Cyber Risk Quantification, How AI is Enabling Resilience in Healthcare, Ransomware’s Impact on Government Organisations, and much more.

KedronUK
KedronUK Has Come of Age! (Case Study)
KedronUK has reached the grand old age of 21 and will be celebrating this milestone with the team by attending the Henley Royal Regatta 2024!

We find it hard to believe we are making over two decades of success in the ever-evolving IT industry, so we wanted to take a look back and share with our customers where it started, what has changed and where we think we will be going next!
Read the full blog here!

ExtraHop
The Dangers of Cyber Risk Quantification. (Blog Post)
Cyber risk quantification (CRQ) is an approach to analysing and reporting on cybersecurity risks that has grown in popularity over the past decade. One of the leading CRQ frameworks is known as the Factor Analysis of Information Risk (FAIR) model. The FAIR model posits that cybersecurity risk can be quantified in terms of its potential financial impact, just like any other business risk. The benefits to quantifying risk financially are that security leaders can communicate the impact of a potential cybersecurity incident in terms executives are familiar with and they can clearly demonstrate the effectiveness of their cybersecurity programs.
Read more here.

Infosim
StableNet® Analytics Portal (SNAP). (Blog Post)
Dashboards are an invaluable tool to visualize data, gain insight and share information with stakeholders. For network management, dashboards are not “one-size-fits-all”; specific user groups require different levels of granularity. With the all new StableNet Analytics Portal (aka “SNAP”), near-real-time dashboards can be customized easily and with multi-tenancy, your level of control has never been greater. .
To learn more, click here and see how, with the all new StableNet Analytics Portal, getting and sharing the information you need really is a “SNAP”.

Keysight Technologies
3 Ways that Artificial Intelligence is Enabling Resilience in Healthcare. (Blog Post)
The Covid-19 pandemic heightened existing pressure points in nearly every sector and industry. The pandemic exacerbated the already crisis-level burnout that healthcare workers were struggling with. Hospital networks are struggling to keep pace with more patients requiring care from a shrinking healthcare professional workforce. Inflation, increased doctor-patient ratios, and a shrinking healthcare talent pool have stretched the medical industry to its breaking point. Digital health technologies that leverage AI contribute to improving the efficiency and effectiveness of hospital systems in meaningful ways, including cost reductions, improved access to healthcare, and resource optimisation.
Find out more here.

Rapid7
Why The External Attack Surface Matters: An analysis into APAC related threat activities. (Blog Post)
Considerable focus within the cybersecurity industry has been placed on the attack surface of organisations, giving rise to external attack surface management (EASM) technologies as a means to monitor said surface. It would appear a reasonable approach, on the premise that a reduction in exposed risk related to the external attack surface reduces the likelihood of compromise and potential disruption from the myriad of ransomware groups targeting specific geographies and sectors.
Read more here.

Heimdal
There’s Something Phishy about Generative AI. (Blog Post)
The rise of GenAI (Generative AI) gives leeway to malicious content creators with 80% of all phishing campaigns discovered in the wild being generated by AI tools such as ChatGPT or similar.
In this article, we are going to explore the latest phishing techniques that capitalise on GenAI.
Find out more here.

Forescout
The Mega Impact of AI-Driven Disinformation Campaigns. (Blog Post)
The amount of money to run an AI-based disinformation campaign is miniscule compared to the influence the campaign can have on society. As noted in a recent SecurityWeek piece “Preparing Society for AI-Based Disinformation Campaigns in the 2024 US Elections”, there are four common steps in these efforts: Reconnaissance, content creation, amplification and actualisation. Unlike other threat actors who typically act out of financial motivation, the question here isn’t ‘how do we monetise the campaign?’ It’s ‘how do we effect change?’ They want to change the way people think and act — and change what they believe.
Read the full blog post here.

BullWall
How Ransomware Impacts Government Organisations. (Blog Post)
Government institutions provide critical services to citizens, including healthcare, public safety, transportation, and utilities and as such are prime targets for ransomware attacks. Ransomware attacks can disrupt these services, causing delays, shutdowns, and potentially putting lives at risk. In some cases, ransomware attacks on government institutions may have broader national security implications. For example, if critical infrastructure or sensitive government systems are compromised, it could impact national defence, intelligence operations, and diplomatic relations.
Read more here.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

KedronUK has reached the grand old age of 21 and will be celebrating this milestone with the team by attending the Henley Royal Regatta 2024!

We find it hard to believe we are making over two decades of success in the ever-evolving IT industry, so we wanted to take a look back and share with our customers where it started, what has changed and where we think we will be going next!

Starting out as a provider of network management tools in 2003, KedronUK quickly expanded its services to include application performance and end-to-end visibility. 

As the industry continued to shift and evolve, so did we. 

On Prem – Cloud – Hybrid
One of the most significant technology trends has been the shift towards cloud computing and virtualisation. As more businesses have moved their data and applications to the cloud, traditional IT management and monitoring tools faced challenges. However, we found it was important not to jump into cloud monitoring specific tools only, as users still accessed services within their own networks and as we deal with predominately large and secure customers, often critical/sensitive applications and data would remain on premise. We needed to ensure we provided the best possible solutions for Hybrid environments using as few monitoring tools as possible. 

We Entered the Cyber Security Market
Finally, the growing importance of cybersecurity has also impacted IT operation management and monitoring. With the increasing number of cyber threats and attacks, businesses need to be able to monitor their networks and systems for potential breaches and respond quickly when a threat is detected. 

This has led to the development of new security-focused tools and platforms that are integrated with IT management and monitoring systems to provide end-to-end visibility and protection. 

This is why, in 2017, KedronUK expanded its services to include cybersecurity. This move reflected the growing focus on Cybersecurity threats in the industry and the need for businesses to protect their networks and data from malicious actors. We also ensured we stayed close to what we are and what we are good at, which is fundamentally getting our customers the right kind of visibility from the complex environments. By providing technologies like Network Detection and Response, Threat Intelligence, SIEM, and SOAR we have been able to broaden on product portfolio, whilst ensuring we stay true to our quality design and delivery process.

Machine Learning and AI
Currently topical with our customer base is obviously rise of artificial intelligence (AI) and machine learning (ML). With the increasing amount of data generated by IT infrastructure, AI and ML have become useful tools for analysing and interpreting data to identify potential issues and optimise performance. 

In many ways this is only just beginning, but we have found again the importance of a pragmatic and balanced approach. From our works so far reviewing capabilities and their implications for the system we provide that, as important as this technology is, it should not be seen as the magic answer to all challenges. In fact, the best outcomes seem to come when this tech is layered on top of already functional and mature monitoring platforms. 

What’s Next?
Here we have a look at a couple of areas where we think will be busy next. Phil Swainson, our Head of Technology, plans to review each fo these areas in more detail in a series of future posts celebrating our big birthday. Each edition will come with a special offer so keep your eye out!

• Unification of SOC and NOC – Maybe because of our background and development, we have seen within our own portfolio, or because of the increased expectation of shared data via APIs and open standards, we see that there will be an increased awareness that multiple technology teams have very similar technologies running parallels. More and more there are vendor solutions that cover multiple domains offering opportunity for cost saving and technical efficiencies. An example here would perhaps be network Detection and Response and Network Performance Management, both solutions collecting network traffic from Taps, Packet brokers or SPAN ports for analysis. 

• CMDB Comeback – Sometimes CMDB is a dirty word, many have tried to build and maintain an accurate solution that meets individual business operational and compliance needs but many organisations we speak to are still left frustrated. For this reason, we have seen vendors move away from the term and start using other terms to describe similar functionality and narrow their focus into security and other niche’s, you could argue AIOPs is one of those to some extent. We think the concept is still correct and we just need better tolls and processes to achieve a reliable way of getting to the end goal that stakeholders can then learn to trust. We think this is one area where AI and ML is extremely interesting and can complement but also assure best practice and processes. However, again we think AI on it’s own won’t solve the total problem. We’ve got some interesting ideas about what will so watch out for Phil’s upcoming blog post. 

• IoT/OT and IT Convergence – Like or hate it, these worlds are coming together and end to end views of performance and security are critical, bridging the gap between these two technology areas and cultures is surely a challenge that needs addressing with a unified approach. 

We’d love to know what you think, both about how things have changed in the areas of performance and security visibility, and also what you think will be next!

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on ensuring a PCI DSS compatible solution, the latest Cyber Security threats, how Network Visibility unlocks Zero Trust,  and much more.

KedronUK
Ensuring a PCI DSS Compatible Solution with Rapid7 InsightIDR. (Case Study)
With card payments now accounting for the majority of customer transactions, helping to ensure conformity with the Payment Card Industry Data Security Standard (PCI DSS) was a prerequisite for J.W. Lees. Having worked with KedronUK previously, J.W. Lees approached the team seeking an enhanced solution to maximise security and assist with compliance towards PCI DSS. KedronUK strongly felt that – with the customer use case in mind – Rapid7 InsightIDR offered a more feature-rich solution compared to other vendors. InsightIDR has contributed significantly to enable J.W. Lees work towards achieving enhanced compliance in relation to the PCI DSS.
Read the full case study here!

ExtraHop
How Network Visibility Unlocks Zero Trust. (Blog Post)
One of the fundamental principles of cybersecurity is that you can’t protect what you can’t see. For the modern government agency, that means knowing at any given time who and what is on your network, how data is flowing across it, and the health of your endpoints. This isn’t a static picture: endpoints, data flows, and users are dynamic. If you protect your network AND get the highest level of performance from it, you need to understand how all these different factors work together and shift over time.
Read more here.

Infosim
StableNet® BI: Transforming Data into Power. (Blog Post)
StableNet®’s all new Business Intelligence (SNBI) offers a revolutionary solution by seamlessly integrating diverse data sources, granting businesses unprecedented insights. By combining infrastructure management with BI tools, companies gain the capability to optimize business processes and anticipate market shifts, enhancing their competitive edge. This integration not only streamlines operations but also fortifies the organization’s resilience by enabling proactive, holistic decision-making to prevent costly downtime and invest intelligently for future growth.
Click here for more information.

Keysight Technologies
Latest Cybersecurity Threats. (Blog Post)
Have you started 2024 feeling well prepared for the latest cyberthreats? In this month’s cyber threats rollup, Keysight have observed some major new attacks. The Keysight Application and Threat Intelligence (ATI) Research Centre has been keeping customers and partners safe by creating simulations of the latest cybersecurity attacks and incorporating them into Threat Simulator, Keysight’s breach and attack simulation (BAS) platform.
Find out more here.

Rapid7
5 Insights from the latest Cybersecurity trends research. (Blog Post)
Rapid7 is committed to promoting research that identifies the latest cybersecurity trends so that organisations can leverage these insights and created programs that make sense for the modern SOC. To that end, we’ve singled out five quick insights security professionals and stakeholders should consider when looking ahead. These findings are based on top trends in Cybersecurity for 2024, a new research report from Gartner.
Read more here.

Heimdal
Google Workspace: Cybersecurity Friend or Foe? (Blog Post)
Kevin Mitnick, once dubbed the Worlds most famous hacker said that “hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.” As defenders, it’s our job to put them out of business or, at the very least, provide some good sport. In this article, Heimdal explores how common tools such as those from the Google Workspace suit can lead to a full-fledge business compromise.
Find out more here.

Forescout
Bringing the Light into the Dark Places: Invisible Threats, Visible Solutions. (Blog Post)
What is the biggest cybersecurity challenge facing companies worldwide? The answer may vary depending on who you ask, but one indisputable fact remains clear: “What you can’t see, can and will hurt you”. Cyberthreats lurk in the depths of the digital world, constantly evolving, poised to strike unsuspecting victims. They often strike by compromising unseen connected devices which, experience has proven, represent up to 50% of all devices on a network.
To safeguard your business, it’s imperative to bring a light into the dark places by leveraging robust strategies and tools to protect your digital realm. This blog explores the significance of effective threat detection and response solutions and how they shield your organisation from the invisible dangers lurking in the digital shadows.
Read the full blog post here.

BullWall
NIS2: Stronger Cyber Defence for Europe. (Blog Post)
We live in a world where banking, healthcare, public transportation, and other critical services and agencies rely on computer systems. Computer systems which make them vulnerable to cyberattacks. To counter these threats the European Union has introduced NIS2, a set of rules designed to strengthen cybersecurity across Europe.
Read more here.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Cybersecurity Predictions, AI-Powered Cyberthreats, Data Security and much more.

KedronUK
Cybersecurity Trends to Look Out for in 2024. (Blog Post)
In our rapidly evolving digital landscape, staying ahead of cyber threats is paramount. As we enter 2024, the world of cyber security is poised for significant changes and challenges. In this blog post, we explore four key cybersecurity trends that are likely to shape the landscape in the coming year.
Read our latest blog post here!

ExtraHop
Cybersecurity Predictions: Generative AI, Chat Services Will Assist with Sneak Attacks. (Blog Post)
In 2024, cybersecurity practitioners should watch out for three emerging tactics threat actors are likely to take to try to sneak up on organisations:

1. Attackers will increasingly turn to AI to write malware and phishing messages.
2. Threat actors will deploy rogue chat programs to deliver malicious code and steal data.
3. Attackers will target APIs in an effort to steal the data transmitted between applications.

A recent webinar from ExtraHop and Dark Reading featured a presentation about these three cybersecurity trends. For the highlights from the webinar, read the full blog post here.

Infosim
StableNet® 24 Release! (Blog Post)
Get a full overview of key changes and improvements to the industry-leading Automated network & Service management solution StableNet®. From feature additions to module enhancements and critical security updates, StableNet® 24 has plenty to explore and excite, including an all-new solution suite!
Read more here.

Keysight Technologies
10 Executive Predictions on How AI will Shape Technology in 2024. (Blog Post)
With the introduction of ChatGPT, Dall-e, and many other tools to the public, artificial intelligence (AI) has become a hotly debated topic that will continue to dominate headlines throughout the decade. Engineers are integrating AI into technologies and reaping the benefits to enhance operations, extract and leverage intelligence, and drive organisation-wide benefits across industries.
In this article, Keysight’s executives weigh in with their predictions about how AI’s influence will strengthen and impact technologies across industries as we come into 2024.
Find out more here.

Rapid7
Building the Best SOC Takes Strategic Thinking. (Blog Post)
So, your security team is ready to scale up its security operations centre, or SOC, to better meet the security needs of your organisation. That’s great news. But there are some very important strategic questions that need to be answered if you want to build the most effective SOC you can and avoid some of the most common pitfalls teams of any size can encounter.
The Gartner® report SOC Model Guide, is an excellent resource for understanding how to ask the right questions regarding your security needs and what to do once those questions are answered.
Read more here.

Heimdal
How to Complete an IT Risk Assessment (2024). (Blog Post)
In a perfect world, you’d have the resources to defend yourself against every possible cybersecurity threat and vulnerability. The reality, however, is that even the largest organisations have limited resources to dedicate to cybersecurity. An effective security strategy, therefore, needs to put managing risk at the heart of its approach.
That’s where IT risk assessments come in.
Find out more here.

Forescout
The Road Ahead: What Awaits in the Era of AI-Powered Cyberthreats? (Blog Post)
Artificial intelligence (AI) is rapidly infiltrating the business world and our daily lives. While revolutionizing how – and how efficiently – work gets done, it also introduces a new set of cybersecurity challenges. In response to the evolving, AI-shaped threat landscape, I foresee organisations adopting robust countermeasures.
Read the full blog post here.

BullWall
The Importance of Data Security in Business. (Blog Post)
In today’s ever-changing digital landscape, data has ascended to an almost sacred status. The importance of making sure that data security in business is up to date is becoming one of the most important tasks an organisation can undertake. Data breaches, intrusions, and cyber threats aren’t just the bane of IT departments; they are notorious for impacting an entire organisation. From the cost of downtime to a loss of reputation and trust, having your data compromised can negatively impact organisations of all sizes.
Read more here.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

 In our rapidly evolving digital landscape, staying ahead of cyber threats is paramount. As we enter 2024, the world of cyber security is poised for significant changes and challenges. In this blog post, we explore four key cybersecurity trends that are likely to shape the landscape in the coming year. 

1. AI and Machine Learning Powered Threat Detection: 

The integration of artificial intelligence (AI) and machine learning (ML) into cybersecurity practices is not new, but its significance is set to grow in 2024. As cyber threats become more sophisticated, AI and ML algorithems play a crucial role in identifying patterns and anomalies in real-time, allowing organisations to respond swiftly to potential breaches. This trend will empower cybersecurity professionals to proactively defend against emerging threats and adapt to evolving attack methods. 

One use-case of this could be through AI/MLs ability to sift through large amounts of data and find outlying events which indicate security risks. A good example of this is ExtraHop Reveal(x), which uses AI/ML to surface detections from raw network data for SOC teams to investigate. Trying to analyse tens or hundreds of gigabytes of data would otherwise not be feasible. 

AI/ML also allows an organisation to improve or extend their security coverage, especially smaller organisations who have yet to make the step to a 24/7 SOC (either in-house or managed). The always-on nature of AI/ML, perhaps coupled with suitable remediation playbooks, can ensure the most dangerous threats are contained even if they happen outside of core business hours. 

2. Zero Trust Architecture: 

The traditional approach of trusting entities inside a network and distrusting those outsides has become outdated in the face of increasingly sophisticated cyber-attacks. Zero Trust Architecture is a paradigm shift that assumes no entity, whether internal or external, can be trusted by default. In 2024, organisations are expected to adopt Zero Trust principles more widely, implementing strict access controls, continuous monitoring, and multifactor authentication to ensure the highest level of security. This approach minimises the risk of unauthorised access and lateral movement within a network. 

Zero Trust does provide challenges in deployment, as network reconfiguration maybe required to ensure traffic is correctly routed through the relevant policy enforcement points. Thus, organisations may adopt a “long game” approach on moving to a Zero Trust model. 

3. Rise of Quantum-Safe Cryptography: 

With the advent of quantum computing on the horizon, the need for quantum-safe cryptography becomes imperative. Quantum computers have the potential to break widely used cryptographic algorithms, posing a serious threat to data security. In 2024, cybersecurity experts are likely to focus on developing and implementing quantum-resistant cryptographic methods to safeguard sensitive information. Organisations that embrace quantum-safe cryptography early will be better positioned to withstand the challenges posed by quantum computing advancements. 

4. Security Automation and Orchestration: 

As the volume and complexity of cyber threats continue to increase, the role of automation and orchestration in cybersecurity operations becomes more pronounced. In 2024, organisations will increasingly leverage security automation to streamline routine tasks, respond to incidents faster, and reduce the burden on cybersecurity teams. Automated incident response, threat intelligence sharing, and orchestration of security tools will become integral components of a robust cybersecurity strategy, allowing organisations to enhance their resilience against evolving threats. The use of playbooks is a good example to ensure any alert presented to a SOC analyst is supported by as much information as possible to support their immediate decision making. Examples of this include any files being flagged as suspicious are automatically validated against platforms such as Virus Total or IP addresses are cross-checked with threat intelligence feeds for any history in cyber-attacks.

Conclusion 

As highlighted above, AI/ML can offer tangible benefits but there is a danger that vendors rush to claim that products use it simply to be on the “bandwagon”. Thus, genuine use-cases and benefits become hidden amongst all the noise and hype. When evaluting products to add to our portfolio of tools, KedronUK look beyond to glossy datasheet to see how vendor claims really stack up and if they are the right tool for our customers. 

For more information on our full product portfolio, please contact us, or email our sales team at sales@kedronuk.com. 

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

We would firstly like to wish a Happy New Year to all our customers and suppliers! Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Mastering Industrial Cybersecurity, The Four Layers of Antivirus Security, SOC Efficiency and much more. 

KedronUK
Celebrating a Year of Growth and Milestones. (Blog Post)
2023 was an exciting year for all of us at KedronUK. It was a year of growth, new partnerships, and exciting milestones that have helped to shape our company’s narrative. Throughout this blog, we reminisce on the past year, and share some key highlights from our 2023, which we look forward to continuing throughout 2024.
Read our latest blog post here!

ExtraHop
2024 Preditctions: CISO Compensation, Job Market, and More. (Blog Post)
One thing that became clear in 2023, is that pressure on CISOs is rising. Beyond the normal everyday stresses of the role, CISOs now have to contend with the possibility of facing criminal charges for mishandling a cyber incident or misrepresenting their organisations cybersecurity posture. The prospect of being indicated over a cyberattack will have a variety of downstream effects this year. It will impact the hiring market for CISOs, affect their compensations, and change the culture around cyber whistleblowing.  
Read more here.

Infosim
The StableNet Annual Release Cycle. (Blog Post)
2023 has come to an end, so the StableNet 24 Annual Release is just around the corner. All of the improvements are in the final stages in order to get the best out of the new features and modules. Infosim would like to take this opportunity to give insight into the StableNet Annual Release Cycle and all the process that go on behind the scenes.
View the StableNet Release Process here.

Keysight Technologies
ATI – 2023 Year in Review. (Blog Post)
The Application and the Threat Intelligence team at Keysight strive to create application and security content that both reflects the modern internets realism as well as extreme versions of this that will be used to test systems in supercritical conditions. ATI released more security and application content in 2023 than in previous years while increasing the quality or complexity.
Find out more here.

Rapid7
Mastering Industrial Cybersecurity: The Significance of Combing Vulnerability Management with Detection and Response. (Blog Post)
In today’s digital era, where industries are increasingly reliant on advanced technologies, safeguarding critical infrastructure against cyber threats has become paramount. The convergence of operational technology (OT) and information technology (IT) has ushered in new efficiencies but has also exposed vulnerabilities. This blog explores the pivotal role of Vulnerability Management and Detection and Response (VM/DR) in the realm of Industrial Cybersecurity.
Read more here.

Heimdal
The Four Layers of Antivirus Security: A Comprehensive Overview. (Blog Post)
The antivirus software stands as a critical defence line against cyber-attacks. To fully understand how it operates, it’s vital to understand the found distinct layers of antivirus security. Each layer contributes to the detection and neutralisations of threats, ensuring a robust defence mechanism against various types of malware.
Find out more here.

Forescout
SOC Efficency is the New Imperative. (Blog Post)
The Cybersecurity landscape is currently undergoing significant changes. Many organisations have followed the guidance of analysts by investing in top-of-the-line products and solutions. However, they are now facing unexpected challenges. These challenges include steep financial burdens, A lack of expected return on investment, and the persistent ability of hackers to breach their security defences. As a result of these issues companies are actively exploring strategies to regain control and enhance their security posture. One key initiative is to drive the modernisation of their Security Operations Centres (SOCs). 
Read the full blog post here.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL