April 2025 Industry Insights

April 2025 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Enhancing OT/IoT Visibility, Network Visibility and Deep Packet Inspection, Health Industry Cybersecurity Practices, and much more.

KedronUK

Enhancing OT/IoT Visibility with Keysight & Forescout (Webinar)
Join KedronUK, Forescout, and Keysight on Wednesday 21st May at 2pm for an exclusive webinar where we will explore how organisations can achieve a comprehensive OT/IoT visibility and enhance security through cutting-edge solutions.

Register for the webinar here!

BullWall

Health Industry Cybersecurity Practices. (Blog Post)
The health industry continues to evolve rapidly, meaning the digital imprint of the healthcare industry grows daily. Although access to electronic health records (EHRs), telemedicine, and connected medical devices are revolutionising patient care, more patient information is stored in systems that cybercriminals are trying to access illegally.

Many in the health industry are unaware that every connected system is a potential entry point for cybercriminals, making BullWall Ransomware Containment a necessary solution. Even fewer understand the many ways a ransomware attack impacts healthcare organisations.

Find out more here.

Forescout

Rethinking Enterprise Security in IT and OT Systems. (Blog Post)
Every enterprise thinks they know what’s on their network. Until they don’t. When they don’t, security teams are paralysed, compliance efforts stall, and attacks slip through unnoticed.

The root of the issue? A false of visibility in increasingly complex, interconnected environments. Smart factories. Smart medical devices. Self-driving cars. Todays world is becoming more and more intertwined with cyber-physical systems.

Modern IT and OT systems and networks are under siege from a growing flood of alerts, fragmented tools, and unmanaged, specialised devices. Visibility is patchy, alerts are noisy, and security teams are stretched thin.

Read more a here and find out how Forescout uncover and understand everything on your network.

Logpoint

Logpoint’s release: Reduce operational burden and gain efficiency. (Blog Post)
According to the European Union Agency for Cybersecurity’s (ENISA) 2024 report, the industry-wide talent gap continues to challenge security teams, leading to inefficiencies and increased workloads. Recognising these challenges, Logpoint’s latest release is designed to reduce operational burdens, enhance efficiency, and improve security outcomes. With a strong focus on automation, centralised monitoring and centralised management, this release helps SOC teams and MSSPs streamline their workflows, scale their operations and maximise their security investments.

Find out more here.

Rapid7

Why is Ransomware Still a Thing in 2025? (Blog Post)
We all know ransomware is one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new – ransomwares been around since 1989 – but because we are making it far too easy for threat actors.

Ransomware remains a crisis because we are still giving attackers the upper hand. To regain control, we need to understand how we’ve made it so easy for them, and what we can do to change that.

Read more here.

Keysight Technologies

Network Visibility and Deep Packet Inspection (DPI) Deliver Better Threat Detection Together. (Blog Post)
Most modern cybersecurity strategies feature deep packet inspection (DPI) capabilities that help to find and flag potential cyber threats faster. After a quick update on DPI, we’ll see how network visibility makes DPI more powerful and efficient and how you can leverage these capabilities together to keep data safe in the cloud and in the age of AI.

Find out more here.

ExtraHop

A Modern Approach to Network Detection & Response. (Blog Post)
The current cybersecurity environment is characterised by relentless barrage of sophisticated threats, demanding equally sophisticated defences. However, cyberattacks over the last several years have proven time and time again that traditional defences alone cannot defend the modern enterprise.

With security leaders increasingly recognising the dire need to detect and respond to lateral movement throughout their hybrid networks. NDR has reached a crucial stage of maturity: evolve from a promising concept to an adaptable, integrated solution that aligns with the realities of the modern enterprise.

Read more about the Modern NDR approach here.

Chris Booth

Chris Booth

Solution Architect

Listens to your problems, then identifies the best tools and products to build solutions.

February 2025 Industry Insights

February 2025 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Security Thoughts for 2025, Zero Trust Principles, AI- Powered Visibility, and much more.

KedronUK

Security Thoughts for 2025 (Blog Post)
Beyond AI, cybersecurity challenges continue to evolve. Effective vulnerability management requires more than just CVSS scores, and supply chain attacks highlight the need for greater scrutiny of third-party providers. Meanwhile, advancements in quantum computing could reshape encryption and cloud security.

As we navigate 2025, understanding these trends will be key to staying ahead in an increasingly complex digital landscape.

Please see the full blog here!

BullWall

Why Hospital Cybersecurity is More Than Protecting Patient Data. (Blog Post)
Today, hospitals are more than just medical facilities to be referred to for surgery or emergency healthcare needs; they’re complex ecosystems of interconnected services house value patient data.

Though modern medicine and the systems and servers used to store data have allowed quicker and safer patient care, they are also frequent targets of cybercriminals. Since the healthcare industry, especially hospital networks and medical facilities, is a frequent target of cyber-attacks, it is important to have a ransomware resilience tool prior to an attack.

If BullWall Ransomware Containment is in place when a cybercriminal attack happens, the spread will be halted, compromised devices will be instantly isolated, and encryption will be prevented. Find out more here.

Forescout

Zero Trust Principles: Address Asset Visualisation and Classification. (Blog Post)
Forescout has developed a step-by-step approach to realising Zero Trust security. They call it “The Adaptive Approach to Zero Trust Assurance,” and it’s designed to help meet zero trust mandates faster with a simplified transition roadmap. 2024 saw a rise in cyber threats and regulatory pressures. Personal liability for CISOs increased along with the number of audit requirements needed to prove compliance and quantify organisational exposure and risks.
To defend against these threats, organisations that want to be proactive must assume a breach mindset: Acknowledge the inevitability of a breach with active defences that minimize its impact.

It starts by addressing the most critical assets in the business with the principles of Zero Trust. Read more about Zero Trust here.

Infosim

KRITIS, DORA, NIS1 – Knowledge for Network Management. (Blog Post)
In an era of increasing cybersecurity risks and regulatory pressure, network operators must navigate a complex landscape of compliance frameworks. Three key regulations—KRITIS, DORA, and NIS 2—are shaping the future of network management and reporting requirements. While each framework serves a distinct purpose, they share common goals in strengthening resilience, cybersecurity, and operational stability across critical infrastructure. Understanding their differences and similarities is essential for network operators to ensure compliance and optimize their security strategies.

Find out more here.

Rapid7

MDR + SIEM: Why Full Access to Your Security Logs Is Non-Negotiable. (Blog Post)
Many Managed Detection and Response (MDR) providers promise world-class threat detection, but behind the scenes they lock away your security logs, limiting your visibility and control. It’s your data — so why don’t you have full access to it? Isn’t the whole point of security to see everything happening in your environment? Without full access to your own data, you’re left dependent on their tools, their timelines, and their interpretations of security events.

This isn’t just an inconvenience — it’s a risk.

Find out more about pairing MDR with SIEM here.

Keysight Technologies

The Sooner the Better: AI-Powered Visibility Accelerates Threat Detection and IT Operations. (Blog Post)
We expect Artificial intelligence (AI) to speed up processes and drive down costs, and that seems to be what’s happening in cybersecurity. A recent survey found that 1 in 5 organizations now use AI in their cybersecurity practices, and their investments paid high dividends on multiple fronts – like faster threat detection, lower breach costs, and reduced strain on overworked SOC teams.

After a quick update on the role and value of AI, Keysight introduce a new generation of AI-powered network visibility and explain why applying AI earlier in the process helps to find threats faster and give defenders an even greater advantage.

Read more here.

ExtraHop

Malicious Use of RMM: Remote Monitoring and Management. (Blog Post)
Network detection and response (NDR) refers to cybersecurity products that ingest and analyse network traffic to detect malicious activity. Where endpoint detection and response (EDR) tools collect and analyse endpoint data and behavior, network detection and response solutions work off wire data from network packets traversing the east-west and north-south corridors.

According to Gartner®, “Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyse raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south).

Find out more about NDR here.

Chris Booth

Chris Booth

Solution Architect

Listens to your problems, then identifies the best tools and products to build solutions.

January 2025 Industry Insights

January 2025 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on OT/IoT Visibility, Medical Ransomware, 2025 Cybersecurity Predictions, and much more.

KedronUK

OT/IoT Visibility Survey Report (Blog Post)
Although the integration of IT with OT, ICS, and IoT/IoMT networks allow for streamlines process, predictive maintenance, and enhanced data analysis capabilities, it also introduces significant challenges, particularly in the realm of cybersecurity.

In response to these challenges, we conducted a survey in partnership with Keysight Technologies and Forescout Technologies, to better understand how enterprises are approaching the integration of these diverse systems.

Please see the full report and summary of responses here!

BullWall

How BullWall Strengthens Resilience Against Medical Ransomware. (Blog Post)
The healthcare industry has become a prime target for ransomware attacks, with cybercriminals increasingly focusing on hospitals, clinics, and medical device manufacturers. Medical ransomware attacks compromise critical healthcare systems, disrupt patient care, and pose significant risks to sensitive patient data. For healthcare organisations, where every second counts, and downtime caused by ransomware can have devastating consequences – delayed treatments, financial losses, and even threats to patient safety.

Find out more about medical ransomware attacks here.

Forescout

7 Cybersecurity Predictions for 2025. (Blog Post)
As we quickly approach a new year, the threat landscape is evolving. Here, we share the most pressing cybersecurity predictions across critical infrastructure, operational technology (OT), ransomware, artificial intelligence, the supply chain, and more.

In 2025, the cybersecurity landscape will be defined by sophisticated, multi-layered threats from AI assisted hacking to persistent ransomware and targeted OT attacks. As threat actors evolve their tactics, organisations must stay proactive and use the latest technologies and strategies to protect their critical infrastructure and assets.

Read more here.

Infosim

How to Identify Better Ways to Manage Your Managed Service. (Blog Post)
Managed Service Providers (MSPs) play a crucial role in keeping IT operations running smoothly for their customers. From managing IT security to overseeing entire infrastructures, MSPs take on the heavy lifting so businesses can focus on what they do best.

But having the right tools in place is non-negotiable. Transparent, efficient, and seamless operations depend on them. The problem? The tech landscape is constantly evolving, and customer demands are only getting bigger. This makes building the perfect tech stack a real challenge. For MSPs, it’s all about staying ahead of the curve and proving they’ve got everything covered, no matter how complex the environment gets.

Read the full blog post here.

Rapid7

Unlocking the Power of AI in Cybersecurity. (Blog Post)
Todays SOC teams have to face dramatic challenges that include overwhelming volumes of alerts, blurred perimeter protections, and resource constraints; meanwhile, AI is bursting into SOC workflows as one of the most important elements in addressing these issues more productively and letting teams truly focus on what matters most.

See details from Rapid7’s recent webinar here.

Keysight Technologies

Keysight Launches All-in-One Solution for Network Visibility and Security. (Blog Post)
Keysight Technologies launched AppFusion, a network visibility partner program that integrates third-party security and monitoring solutions directly into its network packet brokers. The program integrates market-leading technologies from Forescout, Instrumentix, and Nozomi Networks enabling customers to streamline network and security operations (NetOps/SecOps) while significantly reducing infrastructure costs. This all-in-one, multi-vendor solution helps IT professionals reduce capital and operations expenses while improving security monitoring and performance.

Find out more here.

Logpoint

EDR Killers: After All, EDRs Are Not Invincible. (Blog Post)
Endpoint Detection and Response (EDR) tools are our frontline warriors in the ever-evolving cybersecurity battlefield. Yet, a new menace is taking shape: EDR killers – tools designed to impair these defences, leaving organisations exposed to devastating attacks.

Read more here.

ExtraHop

Malicious Use of RMM: Remote Monitoring and Management. (Blog Post)
For IT and security teams, remote monitoring and management (RMM) software, such as AnyDesk, ConnectWise, ScreenConnect, and Splashtop are a lot like cordless electric chainsaws. On one hand, they make tedious tasks like remote pitch installation and troubleshooting far faster and easier. But on the other hand, because they allow remote users such as helpdesk admins to take control of an end users computer, threat actors are increasingly exploiting legitimate RMM software to establish an interactive command and control (C2) channel, move laterally across an organisations network, maintain persistence, and fly under the radar of traditional detection by blending in with legitimate operations.

Find out more here.

Chris Booth

Chris Booth

Solution Architect

Listens to your problems, then identifies the best tools and products to build solutions.

Merry Christmas from KedronUK!

Merry Christmas from KedronUK!

First of all, Merry Christmas from all of us at KedronUK! It’s that time of year where, as a company, we like to reflect on the past year, and share what KedronUK has been working on, our view of what we’ve seen in the market over the last 12 months, and what some of our plans are for the next 12 months.

Welcoming New Faces to the KedronUK Family
This year, our team has expanded more than ever with the addition of five talented individuals who have seamlessly become integral parts of our sales team. Join us in welcoming:

  • Maisie Cornwall – Business Development Assistant.
  • Umer Khan – Account Executive 
  • Joshua Phillipus – Internal Sales Executive.
  • Thabo Molibola – Internal Sales Executive. 
  • Wendy Mahashe – Business Development Assistant. 

Their expertise and enthusiasm have undoubtedly contributed to the success of our projects and the overall positive vibe within our work environment. 

We’ve also seen a number of role changes in the past year with: 

  1. Phil Simms being promoted to Sales Manager.
  2. Jeegar Shah being promoted to Technical Support & Delivery Team Leader.
  3. Emma Fox changing roles from Sales to Assistant Project Manager. 

Meeting More Customers in Multiple Industries at Events throughout the Year
This year we’ve enjoyed attending and exhibiting at more events than ever before with a particular highlight being exhibiting in partnership with Infosim at Connected Britain at London Excel. This demonstrated our integrated approach to Network Management and CMDB

We also hosted more #NoSalesPitch events at unique venues across the country, where we focussed on hot topics for Cyber Security and IT Operations and create an ideal peer to peer networking environment around fun activities.

Our Key Partners & New Technologies
Last year we saw a number of change in this area, due to changes of ownership of some of our partners, and also because of new questions being asked by our customers.

In 2024 we’ve looked to stabilise that portfolio and really hone down on those technologies, and make sure we continue to keep our focus on the area visibility across NOC and SOC. 

We have made sure that we don’t dilute our skill set and maintain our ability to not only provide disruptive technologies, but also that we are able to deliver and support them to the high standards our customers expect. 

Keys Partnerships remain with: Infosim, Keysight, Rapid7, ExtraHop, BullWall, Opsramp, Logpoint, Thales, SolarWinds, Allegro Packets, and Instana

And despite the above emphasis, we did welcome new partnerships with:

FNT Software – Delivers tools to plan, document, and manage network resources across hybrid environments.

 UXM – Digital Experience Monitoring for any application

The Market
We found the market to be cautious this year with greater scrutiny on decisions, even with trusted providers and technology. We believe this to be related to pressure on budgets and economic uncertainty driven by political events. Although that sounds challenging, we actually found the reality and result of this validation that the technology we provide and the way in which we deliver is what our customers need and want. 

Customers tell us that they are short on resource, and the areas in which we work are critical to their organisations success. They need to be able to do more with less and ensure that the projects they commission in these areas are successful and delivered on time. 

All of this plays into Kedron’s strengths, and although some decisions we sometimes delayed due to the scrutiny, we still were successful in wining those key projects and strengthened existing customer relationships. 

We have also commissioned a new Customer Experience initiative where we have automated the process of receiving customer customer feedback in a structured way to make sure we are listening to our customers and acting on suggestion they provide. This has already provided excellent insight. 

Looking Forward to 2025
We have some very exciting projects commencing across all business lines in 2025 and will be growing our team again as a result. 

In the coming weeks and months you will see increased emphasis on our Managed Solution via our own Totuus Brand and Technology, where we look to address our customers challengers via providing the right technology as a service, where they still maintain the control and flexibility that we know large and secure organisations need. 

We will be running and attending even more events and looking to meet in person even more of you. 

And finally, we will look to be winning more projects to support our growth and to continue winning them the right way; by putting forward the best technology forwards delivered by the best people, our team and then standing by the results we promise.

And Finally… 

We’d like to thank our Customers and Partners for their support over the last 12 months, we hope you all have some great time off with your loved ones and we look forward to seeing you all in 2025. 

Merry Christmas, and a very Happy New Year, from all of us at KedronUK!

 

 

Chris Booth

Chris Booth

Solution Architect

Listens to your problems, then identifies the best tools and products to build solutions.

February 2025 Industry Insights

September 2024 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Cyber Threats, Network Visibility, EDR vs. SIEM, and much more.

KedronUK

Current Cyber Threats and How to Prevent Them (Blog Post)
In our increasingly digital world, cyber-attacks pose a significant threat to both individuals and organisations. Understanding these threats and learning how to protect yourself is essential. This blog post delves into some of the most common cyber-attacks, providing detailed insights and practical prevention tips.

Read the full blog here!

ExtraHop

Stop Breaches with Network Visibility. (Blog Post)
One of the biggest challenges facing security teams is that attackers know defenders can’t watch everything, particularly if defenders lack network visibility. Without network visibility, not only are organisations blind to how attackers are moving through their environment, but they also have extremely limited visibility into the systems and data bad actors are accessing.

Read more here.

Infosim

Netconf/YANG: The Future of Network Configuration. (Blog Post)
Your network’s health is crucial for keeping things running smoothly and ensuring you maintain top-notch service availability. At the heart of it all you need a smart network management solution that lets you make quick, automated configurations and stay ahead of potential issues.

One of the biggest causes of network problems? Human error from manual configuration mistakes. That’s why the tech world is constantly looking for better ways to manage networks more efficiently, dynamically, and—importantly—standardized across different systems.

Find out more here.

BullWall

Protecting the Manufacturing Industry from Ransomware Attacks. (Blog Post)
The manufacturing industry, a cornerstone of the global economy, faces a growing threat from ransomware attacks. The cyberattacks can cause severe damage, leading to costly downtime, production delays, and a multitude of other critical issues.

Read the full blog post here.

Rapid7

Proactive Visibility is Foundational to Strong Cybersecurity. (Blog Post)
Exposures are more than CVEs, so organisations need to move beyond the traditional thinking of vulnerability management to a holistic view. Part of that view must be greater visibility into devices, users, applications, and all the digital infrastructure connected to an organisation’s environment. Gaps in that view create risk exposure. Organisations must proactively identify anything that presents a risk to determine whether to act.

Read more here.

Heimdal

EDR vs. SIEM. (Blog Post)
When it comes to threat detection, it’s important to get the right tools for the job. Unfortunately, that can be easier said than done. Whether it’s a SIEM, EDR, XDR, MDR or any of a whole range of other confusing and overlapping terms, there are a lot of products on the market. EDR and SIEM solutions are two of the most common. And to add to the confusion, some companies will need both products, some need one or the other, and others neither.

Read more here, for everything you need to know about EDR vs. SIEM.

Forescout

Cybersecurity in Manufacturing: 5 Challenges to Overcome. (Blog Post)
Executing cybersecurity in manufacturing environments can feel like an uphill battle. With ransomware lurking in the shadows and supply chain risk constantly evolving, it’s easy to feel overwhelmed. Compliance regulations only add more pressure, leaving many wondering where to even begin.

Read more here.

Appgate

Another Wake-Up Call to Embrace Zero Trust Network Access. (Blog Post)
The exploitation of this SonicWall vulnerability by ransomware actors, notably the Akira group, mirrors the Ivanti VPN vulnerabilities that sent shockwaves through the cybersecurity landscape earlier this year. These incidents highlight a recurring pattern: threat actors are increasingly targeting VPNs via exposed infrastructure, shifting their focus from endpoints to the very devices meant to protect us.

Find out more here.

Chris Booth

Chris Booth

Solution Architect

Listens to your problems, then identifies the best tools and products to build solutions.