Here at Central, we have over 30 years’ experience within the tech industry. We’re passionate about IT and doing a great job for our customers, and we pride ourselves on being a trusted partner that organisations know they can rely on – no matter the time of day, or level of support required.

Our mission is to put IT at the heart of business – ensuring only the right strategic solutions are implemented. And this is something we achieve by working with our network of best-in-class partners.

That’s why, in our partner-led blog series, we’re shining a spotlight on the innovative companies we work with – exploring what they do, how they work with Central, and their top tips and advice related to their specialist field.

Next up, it’s Jonathan Burgoyne, senior account director and EMEA team lead at Darktrace…

1.  Tell us a bit about your organisation: 

Founded by mathematicians and cyber defence experts in 2013, Darktrace is a global leader in cybersecurity AI, delivering complete AI-powered solutions in its mission to free the world of cyber disruption. ~8,800+ customers of all sizes trust Darktrace’s technology to mitigate risk from the world’s most complex threats — including ransomware, cloud, and Software as a Service (SaaS) attacks.

2. And if you had to sum up your expertise in three words, what would they be?

Self-learning AI.

3. Describe your relationship with Central? 

We support Central and their customers when questions arise such as:

• “We have lean resource in our team, with only a few IT people/one security person/no security specialists.. So how can we proactively monitor our hybrid estate 24/7, to mitigate the risk of anything being missed if it gets through our perimeter?
• “What about 24/7 Response — how can we plug that gap? If ransomware/data loss/an account compromise starts happening, there’s nobody there to pick that up.”
• “We’ve seen an uptick in sophisticated emails bypassing our filter and reaching users’ inboxes (some of which they click on). What additional layer can we add to reduce this happening, especially instances of social engineering, Zero-Days and supply chain compromise.”
• “How can we be more proactively preventative in our efforts, or heal quickly when it comes to incident response and preparation?”

4. And how long have you worked together?

Central and Darktrace have been in partnership for three years (about a third of the time that Darktrace has existed). 

5. What is the cyber AI loop  and why is it important for organisations?

By leveraging self-learning AI that learns ‘you’ and your business ‘on the job’ without human resources to configure a virtuous cycle of continuous improvement and adaptive cybersecurity, organisations can stay ahead of the curve.

6. Share a top tip on how companies can make their cyber security strategy more robust:

People. Process. Technology.

It's not enough to just buy state-of-the-art tools or solutions. You need the right people with the right skills and well-defined processes to make sure these tools actually work and keep your company safe from cyber threats.

Best practice is to team up with vendors who can provide different functions, so there's no redundancy. This way, you're covering more bases and making it harder for attackers. It's like building layers of defence to protect your company's valuable information.

7. Describe what it’s like working with Central in one sentence:

An absolute pleasure. It’s awesome when a partner really ‘gets’ the mission and understands what customers are aiming to achieve, and they place trust in us by leveraging our solutions.

8. What are the biggest cyber security challenges facing businesses over the next 12 months?

Over the next year, organisation will continue to grapple with escalating MFA attacks, persistent 'hacktivism,' growing instances of crypto-jacking, increasingly sophisticated ransomware threats, and an imperative for proactive security measures to safeguard against these evolving cyber risks.

My colleague and Darktrace’s head of threat analysis, Toby Lewis, recently wrote an article that details more of our 2023 cyber security predictions. You can find it here, if you’re interested in reading more.

10.   And how has the cyber threat landscape evolved over the years?

It’s evolved in two key ways:

1. The ‘good folks’ have more to look after. There are more ‘ways in and out’ now than there was historically, with the proliferation of cloud, SaaS, endpoint and hybrid environments. It means IT and security teams have more to protect with (typically) the same or less resource to do so.
2. The ‘bad folks’ are getting better at what they do. Increasingly, they’re able to leverage AI and effective techniques at scale to exploit zero day vulnerabilities, social engineering and cause more damage — which can drive higher ROI for malicious activity.

11. Finally, what should organisations’ biggest priority be when investing in cyber security solutions? 

Ensuring your tech stack doesn’t overlap in the approach each solution takes towards cyber security and mitigating risk for your business.

If there’s a bunch of perimeter tools that focus on what perpetrators have done before and what they might do next (rules, signatures, training data-based technologies), then that will absolutely take care of a majority of the risk.

But it does leave a gap for businesses when management asks ”‘okay, but what if something (like ransomware) does get through these defences? How will we know it is happening? How will we respond to contain it, especially since the team can’t work 24/7?”

That’s where it becomes important to have something, like a Darktrace solution, that aims for the same end-goal — minimising cyber risk — from an opposite direction.

If you possess a solution that concentrates on understanding the typical behaviour of legitimate users within your organisation, then any unusual activity that strays from this established norm, regardless of where it occurs within your combination of on-premises and cloud systems, will trigger a system that is simultaneously attentive to both favourable (normal operations for your business) and unfavourable (recognised attack patterns) actions. This layered approach aims to provide a more thorough and comprehensive defence strategy.

If you have any questions about any of the content covered above, please do get in touch. And for more news and updates, be sure to follow Central on Twitter and LinkedIn.

Here at Central, we have over 30 years’ experience within the tech industry. We’re passionate about IT and doing a great job for our customers, and we pride ourselves on being a trusted partner that organisations know they can rely on – no matter the time of day, or level of support required.

Our mission is to put IT at the heart of business – ensuring only the right strategic solutions are implemented. And this is something we achieve by working with our network of best-in-class partners.

That’s why, in our new blog series, we’re shining a spotlight on the innovative companies we work with – exploring what they do, how they work with Central, and their top tips and advice.

First up, it’s Harman Singh, Director from Cyphere.

Tell us a bit about your organisation:

Cyphere are a specialist cyber security services provider based out of Greater Manchester and serving globally. Providing technical security assessments and managed security services, we understand, analyse and help solve customer business problems. Working on ‘both sides of the fence’, our expertise includes both offensive and defensive security.

And if you had to sum up your expertise in three words, what would they be?

Cyber security, laughs, and drinks (sometimes!).

Describe your relationship with Central?

Central are trusted partners of Cyphere, who support us in serving customers across multiple sectors — throughout the UK. Central’s team and Cyphere’s cyber skill set are a great market fit for our customers, something which is evidenced by positive client feedback. 

And how long have you worked together?

3 years.

What is penetration testing and why is it important for organisations?

Penetration testing involves running simulation exercises to perform in-depth checks against the security controls in place within an organisation. This exercise could be targeted at web apps, networks, APIs, mobile apps or devices. 

A black box pen test is carried out with zero information from the customer, and therefore replicates more closely the approach that a malicious attacker might take in gaining access to a system. 

A white box pen test, on the other hand, is an exercise carried out with prior network and systems information from the customer. While a different approach, this method ensures the specific depth of assessment required and can provide a more targeted method of evaluation through which we can meet a business’s specific objectives. 

Put simply, we safely mimic actual hackers in order to show our customers where their information is at risk. These tests are followed by guidance which informs businesses of ways to secure their assets.

Share a top tip on how companies can protect their data from a breach:

Brought together, people, processes, and tech can help improve cyber security maturity in any organisation.

In our view, it is not ok to blame people for clicking links. Instead, encouraging staff to utilise any resources available to them to help bolster knowledge around cybersecurity, while underlining its importance via internal culture and processes, is vital. With these steps in place, using tech to add another layer of defensive controls will help bring everything together. Without using all three in tandem, it’s impossible to thoroughly safeguard an organisation. 

Describe what it’s like working with Central in one sentence:

Professional.

What are the biggest cyber security threats facing businesses over the next 12 months

Ensuring basic hygiene on an ongoing basis, supply chain concerns, and gaps during the transition to cloud — or in the cloud — are the main issues arising from digital transformations happening across the globe.

It's critical that organisations know their ‘unknowns’ early, then analyse and act on them in line with a proactive approach to cyber security. Taking shortcuts in cyber security can prove expensive, or worse still you could find that the damage caused by such a move is already too late to act upon.

What is a common mistake organisations make when it comes to cyber security?

Assuming products are already in place, and that they are adequate, or living under the ‘we’re too small to be attacked’ assumption.

And how has the cyber security landscape evolved over the years?

Cybersecurity has come a long way in the last few years. Earlier in the last decade, ransomware was a relatively unknown concept, and now it is one of the most common types of malware. 

Additionally, due to technological advances around mobile, web and cloud, the number of data breaches has increased significantly, as has the cost of such incidences. Cybersecurity experts are constantly working to stay ahead of the latest threats, and businesses are increasingly aware of the importance of protecting their data.

Finally, what are your hopes for the future of the IT sector?

The IT sector has grown exponentially in recent years, and it appears this trend will continue. The sector is expected to benefit from continued growth in the global economy, rising consumer demand, and advances in technology. In addition, the sector is becoming increasingly important in terms of job creation and economic development.

If you have any questions about any of the content covered above, please do get in touch. And for more news and updates, be sure to follow Central on Twitter and LinkedIn.