February 2025 Industry Insights


Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Security Thoughts for 2025, Zero Trust Principles, AI-Powered Visibility, and much more.

KedronUK

Security Thoughts for 2025 (Blog Post)
Beyond AI, cybersecurity challenges continue to evolve. Effective vulnerability management requires more than just CVSS scores, and supply chain attacks highlight the need for greater scrutiny of third-party providers. Meanwhile, advancements in quantum computing could reshape encryption and cloud security.

As we navigate 2025, understanding these trends will be key to staying ahead in an increasingly complex digital landscape.

Please see the full blog here!

BullWall

Why Hospital Cybersecurity is More Than Protecting Patient Data. (Blog Post)
Today, hospitals are more than just medical facilities to be referred to for surgery or emergency healthcare needs; they’re complex ecosystems of interconnected services that house valuable patient data.

Though modern medicine and the systems and servers used to store data have allowed quicker and safer patient care, they are also frequent targets of cybercriminals. Since the healthcare industry, especially hospital networks and medical facilities, is a frequent target of cyber-attacks, it is important to have a ransomware resilience tool prior to an attack.

If BullWall Ransomware Containment is in place when a cybercriminal attack happens, the spread will be halted, compromised devices will be instantly isolated, and encryption will be prevented. Find out more here.

Forescout

Zero Trust Principles: Address Asset Visualisation and Classification. (Blog Post)
Forescout has developed a step-by-step approach to realising Zero Trust security. They call it “The Adaptive Approach to Zero Trust Assurance,” and it’s designed to help meet zero trust mandates faster with a simplified transition roadmap. 2024 saw a rise in cyber threats and regulatory pressures. Personal liability for CISOs increased along with the number of audit requirements needed to prove compliance and quantify organisational exposure and risks.
To defend against these threats, organisations that want to be proactive must assume a breach mindset: Acknowledge the inevitability of a breach with active defences that minimize its impact.

It starts by addressing the most critical assets in the business with the principles of Zero Trust. Read more about Zero Trust here.

Infosim

KRITIS, DORA, NIS 2 – Knowledge for Network Management. (Blog Post)
In an era of increasing cybersecurity risks and regulatory pressure, network operators must navigate a complex landscape of compliance frameworks. Three key regulations—KRITIS, DORA, and NIS 2—are shaping the future of network management and reporting requirements. While each framework serves a distinct purpose, they share common goals in strengthening resilience, cybersecurity, and operational stability across critical infrastructure. Understanding their differences and similarities is essential for network operators to ensure compliance and optimize their security strategies.

Find out more here.

Rapid7

MDR + SIEM: Why Full Access to Your Security Logs Is Non-Negotiable. (Blog Post)
Many Managed Detection and Response (MDR) providers promise world-class threat detection, but behind the scenes they lock away your security logs, limiting your visibility and control. It’s your data — so why don’t you have full access to it? Isn’t the whole point of security to see everything happening in your environment? Without full access to your own data, you’re left dependent on their tools, their timelines, and their interpretations of security events.

This isn’t just an inconvenience — it’s a risk.

Find out more about pairing MDR with SIEM here.

Keysight Technologies

The Sooner the Better: AI-Powered Visibility Accelerates Threat Detection and IT Operations. (Blog Post)
We expect artificial intelligence (AI) to speed up processes and drive down costs, and that seems to be what’s happening in cybersecurity. A recent survey found that 1 in 5 organizations now use AI in their cybersecurity practices, and their investments paid high dividends on multiple fronts – like faster threat detection, lower breach costs, and reduced strain on overworked SOC teams.

After a quick update on the role and value of AI, Keysight introduce a new generation of AI-powered network visibility and explain why applying AI earlier in the process helps to find threats faster and give defenders an even greater advantage.

Read more here.

ExtraHop

Malicious Use of RMM: Remote Monitoring and Management. (Blog Post)
Network detection and response (NDR) refers to cybersecurity products that ingest and analyse network traffic to detect malicious activity. Where endpoint detection and response (EDR) tools collect and analyse endpoint data and behavior, network detection and response solutions work off wire data from network packets traversing the east-west and north-south corridors.

According to Gartner®, “Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyse raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south).”

Find out more about NDR here.

Kirsty Jones


Marketing and Brand Development Lead

Spreads the word further and wider about how we can help connect and visualise your IT Ops and Sec Ops data.

January 2025 Industry Insights


Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on OT/IoT Visibility, Medical Ransomware, 2025 Cybersecurity Predictions, and much more.

KedronUK

OT/IoT Visibility Survey Report (Blog Post)
Although the integration of IT with OT, ICS, and IoT/IoMT networks allows for streamlined processes, predictive maintenance, and enhanced data analysis capabilities, it also introduces significant challenges, particularly in the realm of cybersecurity.

In response to these challenges, we conducted a survey in partnership with Keysight Technologies and Forescout Technologies, to better understand how enterprises are approaching the integration of these diverse systems.

Please see the full report and summary of responses here!

BullWall

How BullWall Strengthens Resilience Against Medical Ransomware. (Blog Post)
The healthcare industry has become a prime target for ransomware attacks, with cybercriminals increasingly focusing on hospitals, clinics, and medical device manufacturers. Medical ransomware attacks compromise critical healthcare systems, disrupt patient care, and pose significant risks to sensitive patient data. For healthcare organisations, every second counts, and downtime caused by ransomware can have devastating consequences – delayed treatments, financial losses, and even threats to patient safety.

Find out more about medical ransomware attacks here.

Forescout

7 Cybersecurity Predictions for 2025. (Blog Post)
As we quickly approach a new year, the threat landscape is evolving. Here, we share the most pressing cybersecurity predictions across critical infrastructure, operational technology (OT), ransomware, artificial intelligence, the supply chain, and more.

In 2025, the cybersecurity landscape will be defined by sophisticated, multi-layered threats, from AI-assisted hacking to persistent ransomware and targeted OT attacks. As threat actors evolve their tactics, organisations must stay proactive and use the latest technologies and strategies to protect their critical infrastructure and assets.

Read more here.

Infosim

How to Identify Better Ways to Manage Your Managed Service. (Blog Post)
Managed Service Providers (MSPs) play a crucial role in keeping IT operations running smoothly for their customers. From managing IT security to overseeing entire infrastructures, MSPs take on the heavy lifting so businesses can focus on what they do best.

But having the right tools in place is non-negotiable. Transparent, efficient, and seamless operations depend on them. The problem? The tech landscape is constantly evolving, and customer demands are only getting bigger. This makes building the perfect tech stack a real challenge. For MSPs, it’s all about staying ahead of the curve and proving they’ve got everything covered, no matter how complex the environment gets.

Read the full blog post here.

Rapid7

Unlocking the Power of AI in Cybersecurity. (Blog Post)
Today’s SOC teams face dramatic challenges that include overwhelming volumes of alerts, blurred perimeter protections, and resource constraints; meanwhile, AI is bursting into SOC workflows as one of the most important elements in addressing these issues more productively and letting teams truly focus on what matters most.

See details from Rapid7’s recent webinar here.

Keysight Technologies

Keysight Launches All-in-One Solution for Network Visibility and Security. (Blog Post)
Keysight Technologies launched AppFusion, a network visibility partner program that integrates third-party security and monitoring solutions directly into its network packet brokers. The program integrates market-leading technologies from Forescout, Instrumentix, and Nozomi Networks, enabling customers to streamline network and security operations (NetOps/SecOps) while significantly reducing infrastructure costs. This all-in-one, multi-vendor solution helps IT professionals reduce capital and operations expenses while improving security monitoring and performance.

Find out more here.

Logpoint

EDR Killers: After All, EDRs Are Not Invincible. (Blog Post)
Endpoint Detection and Response (EDR) tools are our frontline warriors in the ever-evolving cybersecurity battlefield. Yet, a new menace is taking shape: EDR killers – tools designed to impair these defences, leaving organisations exposed to devastating attacks.

Read more here.

ExtraHop

Malicious Use of RMM: Remote Monitoring and Management. (Blog Post)
For IT and security teams, remote monitoring and management (RMM) software products, such as AnyDesk, ConnectWise, ScreenConnect, and Splashtop, are a lot like cordless electric chainsaws. On one hand, they make tedious tasks like remote patch installation and troubleshooting far faster and easier. But on the other hand, because they allow remote users such as helpdesk admins to take control of an end user’s computer, threat actors are increasingly exploiting legitimate RMM software to establish an interactive command and control (C2) channel, move laterally across an organisation’s network, maintain persistence, and fly under the radar of traditional detection by blending in with legitimate operations.

Find out more here.

Kirsty Jones


Merry Christmas from KedronUK!


First of all, Merry Christmas from all of us at KedronUK! It’s that time of year where, as a company, we like to reflect on the past year, and share what KedronUK has been working on, our view of what we’ve seen in the market over the last 12 months, and what some of our plans are for the next 12 months.

Welcoming New Faces to the KedronUK Family
This year, our team has expanded more than ever with the addition of five talented individuals who have seamlessly become integral parts of our sales team. Join us in welcoming:

  • Maisie Cornwall – Business Development Assistant.
  • Umer Khan – Account Executive.
  • Joshua Phillipus – Internal Sales Executive.
  • Thabo Molibola – Internal Sales Executive.
  • Wendy Mahashe – Business Development Assistant.

Their expertise and enthusiasm have undoubtedly contributed to the success of our projects and the overall positive vibe within our work environment. 

We’ve also seen a number of role changes in the past year with: 

  1. Phil Simms being promoted to Sales Manager.
  2. Jeegar Shah being promoted to Technical Support & Delivery Team Leader.
  3. Emma Fox changing roles from Sales to Assistant Project Manager. 

Meeting More Customers in Multiple Industries at Events throughout the Year
This year we’ve enjoyed attending and exhibiting at more events than ever before, with a particular highlight being exhibiting in partnership with Infosim at Connected Britain at London Excel. This demonstrated our integrated approach to Network Management and CMDB.

We also hosted more #NoSalesPitch events at unique venues across the country, where we focussed on hot topics for Cyber Security and IT Operations and created an ideal peer-to-peer networking environment around fun activities.

Our Key Partners & New Technologies
Last year we saw a number of changes in this area, due to changes of ownership of some of our partners, and also because of new questions being asked by our customers.

In 2024 we’ve looked to stabilise that portfolio and really hone down on those technologies, and make sure we continue to keep our focus on the area of visibility across NOC and SOC.

We have made sure that we don’t dilute our skill set and maintain our ability to not only provide disruptive technologies, but also that we are able to deliver and support them to the high standards our customers expect. 

Key partnerships remain with: Infosim, Keysight, Rapid7, ExtraHop, BullWall, Opsramp, Logpoint, Thales, SolarWinds, Allegro Packets, and Instana.

And despite the above emphasis, we did welcome new partnerships with:

FNT Software – Delivers tools to plan, document, and manage network resources across hybrid environments.

UXM – Digital Experience Monitoring for any application.

The Market
We found the market to be cautious this year with greater scrutiny on decisions, even with trusted providers and technology. We believe this to be related to pressure on budgets and economic uncertainty driven by political events. Although that sounds challenging, we actually found the reality and result of this to be validation that the technology we provide and the way in which we deliver it are what our customers need and want.

Customers tell us that they are short on resource, and the areas in which we work are critical to their organisations’ success. They need to be able to do more with less and ensure that the projects they commission in these areas are successful and delivered on time.

All of this plays into Kedron’s strengths, and although some decisions were sometimes delayed due to the scrutiny, we were still successful in winning those key projects and strengthened existing customer relationships.

We have also commissioned a new Customer Experience initiative where we have automated the process of receiving customer feedback in a structured way to make sure we are listening to our customers and acting on the suggestions they provide. This has already provided excellent insight.

Looking Forward to 2025
We have some very exciting projects commencing across all business lines in 2025 and will be growing our team again as a result. 

In the coming weeks and months you will see increased emphasis on our Managed Solution via our own Totuus Brand and Technology, where we look to address our customers’ challenges by providing the right technology as a service, where they still maintain the control and flexibility that we know large and secure organisations need.

We will be running and attending even more events and looking to meet in person even more of you. 

And finally, we will look to be winning more projects to support our growth and to continue winning them the right way: by putting forward the best technology, delivered by the best people, our team, and then standing by the results we promise.

And Finally… 

We’d like to thank our Customers and Partners for their support over the last 12 months. We hope you all have some great time off with your loved ones, and we look forward to seeing you all in 2025.

Merry Christmas, and a very Happy New Year, from all of us at KedronUK!

 

 

Kirsty Jones



September 2024 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Cyber Threats, Network Visibility, EDR vs. SIEM, and much more.

KedronUK

Current Cyber Threats and How to Prevent Them (Blog Post)
In our increasingly digital world, cyber-attacks pose a significant threat to both individuals and organisations. Understanding these threats and learning how to protect yourself is essential. This blog post delves into some of the most common cyber-attacks, providing detailed insights and practical prevention tips.

Read the full blog here!

ExtraHop

Stop Breaches with Network Visibility. (Blog Post)
One of the biggest challenges facing security teams is that attackers know defenders can’t watch everything, particularly if defenders lack network visibility. Without network visibility, not only are organisations blind to how attackers are moving through their environment, but they also have extremely limited visibility into the systems and data bad actors are accessing.

Read more here.

Infosim

Netconf/YANG: The Future of Network Configuration. (Blog Post)
Your network’s health is crucial for keeping things running smoothly and ensuring you maintain top-notch service availability. At the heart of it all you need a smart network management solution that lets you make quick, automated configurations and stay ahead of potential issues.

One of the biggest causes of network problems? Human error from manual configuration mistakes. That’s why the tech world is constantly looking for better ways to manage networks more efficiently, dynamically, and—importantly—standardized across different systems.

Find out more here.

BullWall

Protecting the Manufacturing Industry from Ransomware Attacks. (Blog Post)
The manufacturing industry, a cornerstone of the global economy, faces a growing threat from ransomware attacks. These cyberattacks can cause severe damage, leading to costly downtime, production delays, and a multitude of other critical issues.

Read the full blog post here.

Rapid7

Proactive Visibility is Foundational to Strong Cybersecurity. (Blog Post)
Exposures are more than CVEs, so organisations need to move beyond the traditional thinking of vulnerability management to a holistic view. Part of that view must be greater visibility into devices, users, applications, and all the digital infrastructure connected to an organisation’s environment. Gaps in that view create risk exposure. Organisations must proactively identify anything that presents a risk to determine whether to act.

Read more here.

Heimdal

EDR vs. SIEM. (Blog Post)
When it comes to threat detection, it’s important to get the right tools for the job. Unfortunately, that can be easier said than done. Whether it’s a SIEM, EDR, XDR, MDR or any of a whole range of other confusing and overlapping terms, there are a lot of products on the market. EDR and SIEM solutions are two of the most common. And to add to the confusion, some companies will need both products, some need one or the other, and others neither.

Read more here, for everything you need to know about EDR vs. SIEM.

Forescout

Cybersecurity in Manufacturing: 5 Challenges to Overcome. (Blog Post)
Executing cybersecurity in manufacturing environments can feel like an uphill battle. With ransomware lurking in the shadows and supply chain risk constantly evolving, it’s easy to feel overwhelmed. Compliance regulations only add more pressure, leaving many wondering where to even begin.

Read more here.

Appgate

Another Wake-Up Call to Embrace Zero Trust Network Access. (Blog Post)
The exploitation of this SonicWall vulnerability by ransomware actors, notably the Akira group, mirrors the Ivanti VPN vulnerabilities that sent shockwaves through the cybersecurity landscape earlier this year. These incidents highlight a recurring pattern: threat actors are increasingly targeting VPNs via exposed infrastructure, shifting their focus from endpoints to the very devices meant to protect us.

Find out more here.

Kirsty Jones


May 2024 Industry Insights!


Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Disruptive Cyber Technology 2024, Cybersecurity platforms you should know about, and much more.

KedronUK

SOCial Cricket Event: Disruptive Cyber Tech 2024 (Blog Post)
Our first #NoSalesPitch event of 2024 saw the KedronUK team heading north into central Manchester. The No Sales Pitch format was a great success last year, with ten-minute presentations from five security vendors to keep things moving and interesting. With Sixes Manchester as the venue, there was the chance for networking over food and drink, along with some virtual cricket fun after the presentations had finished.
Read the full blog and download presentation slides here!

ExtraHop

Change Healthcare Ransomware Attack Represents Every CISO’s Worst Nightmare. (Blog Post)
The February 2024 ransomware attack on Change Healthcare is a perfect example of the kind of black swan cyber event that every CISO quietly dreads and prays will never happen: a devastating cyberattack that exposes the sensitive data of millions of customers, paralyzes an entire industry for weeks, and eats away at a company’s earnings for quarters and years to come.
Read more here.

Infosim

StableNet Innovation Lab – One Year of Open Innovation. (Blog Post)
With StableNet Innovation Lab, Infosim have created a driver for open innovation and given innovation management at Infosim a stronger structure and direction. The focus lies on the network management market and their StableNet solution as well as on researching best practices and transferring them to real applications.

One year after the launch of the lab, a lot has changed and there have been new additions. In this blog post, Dr. David Hock gives an overview of the past year and an outlook on what to expect in 2024.
Find out more here.

Keysight Technologies

Decoding DNS Water Torture: Exploring DDoS Attack Patterns and Traffic Analysis. (Blog Post)
In the ever-evolving landscape of cybersecurity threats, Distributed Denial of Service (DDoS) attacks act as powerful weapons used by attackers to disrupt online services and infrastructure. Among the multitude of DDoS attack methods, one that stands out for its cunning strategy and relentless impact is the DNS Water Torture attack.
Read more here.

Rapid7

AI Trust Risk and Security Management: Why Tackle Them Now? (Blog Post)
In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority. As AI technologies integrate more deeply into our daily operations and services, they bring a set of unique challenges that demand a robust management strategy: The Black Box Dilemma, Model Fragility, Easy Access, Big Responsibility, Staying Ahead of the Curve.

Our TRiSM (Trust, Risk, and Security Management) framework isn’t merely a component of our operations – it’s a foundational strategy that guides us in navigating the intricate landscape of AI with confidence and security.
Read more here.

Heimdal

11 Cybersecurity Platforms You Should Know About (2024). (Blog Post)
There’s growing evidence that organisations are consolidating their cybersecurity tools. One survey found that 60% of companies are looking to reduce the number of point solutions they use. And it’s not just about saving money – the top driver was in fact about improving usability.

Cybersecurity platforms are meeting this demand. By bringing most – if not all – of your cybersecurity tools into one environment, you can consolidate your activities into one robust platform.

In this article, you’ll learn about 11 of the best cybersecurity platforms currently available.
Find out more here.

Forescout

Beyond Bullet Holes: Unveiling Cybersecurity’s Hidden Risk Exposure. (Blog Post)
The art of risk assessment has long been a crucial element of military strategy and decision-making – and it remains critical to today’s best practices in cybersecurity defense. Abraham Wald, a mathematical genius, played a pivotal role in revolutionizing the understanding of hidden risk and exposure with his innovative work on aircraft survivability. During World War II, the US air force wanted effective methods to protect aircraft against enemy fire. Wald’s innovative approach stood out.

Wald’s ‘survivorship bias’ methodology offers a compelling analogy for today’s risk management. We need to think more strategically to gain a deeper understanding of risk – and not allow selective ‘success’ filters to dissuade the mission. It’s time to accept there are hidden risks from limited visibility — and that hidden risks are a persistent threat to business and to human safety.
Read the full blog post here.

Kirsty Jones
