Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on OT/IoT Visibility, Medical Ransomware, 2025 Cybersecurity Predictions, and much more.

KedronUK
OT/IoT Visibility Survey Report (Blog Post)
Although the integration of IT with OT, ICS, and IoT/IoMT networks allow for streamlines process, predictive maintenance, and enhanced data analysis capabilities, it also introduces significant challenges, particularly in the realm of cybersecurity.

In response to these challenges, we conducted a survey in partnership with Keysight Technologies and Forescout Technologies, to better understand how enterprises are approaching the integration of these diverse systems.

Please see the full report and summary of responses here!

BullWall
How BullWall Strengthens Resilience Against Medical Ransomware. (Blog Post)
The healthcare industry has become a prime target for ransomware attacks, with cybercriminals increasingly focusing on hospitals, clinics, and medical device manufacturers. Medical ransomware attacks compromise critical healthcare systems, disrupt patient care, and pose significant risks to sensitive patient data. For healthcare organisations, where every second counts, and downtime caused by ransomware can have devastating consequences – delayed treatments, financial losses, and even threats to patient safety.

Find out more about medical ransomware attacks here.

Forescout
7 Cybersecurity Predictions for 2025. (Blog Post)
As we quickly approach a new year, the threat landscape is evolving. Here, we share the most pressing cybersecurity predictions across critical infrastructure, operational technology (OT), ransomware, artificial intelligence, the supply chain, and more.

In 2025, the cybersecurity landscape will be defined by sophisticated, multi-layered threats from AI assisted hacking to persistent ransomware and targeted OT attacks. As threat actors evolve their tactics, organisations must stay proactive and use the latest technologies and strategies to protect their critical infrastructure and assets.

Read more here.

Infosim
How to Identify Better Ways to Manage Your Managed Service. (Blog Post)
Managed Service Providers (MSPs) play a crucial role in keeping IT operations running smoothly for their customers. From managing IT security to overseeing entire infrastructures, MSPs take on the heavy lifting so businesses can focus on what they do best.

But having the right tools in place is non-negotiable. Transparent, efficient, and seamless operations depend on them. The problem? The tech landscape is constantly evolving, and customer demands are only getting bigger. This makes building the perfect tech stack a real challenge. For MSPs, it’s all about staying ahead of the curve and proving they’ve got everything covered, no matter how complex the environment gets.

Read the full blog post here.

Rapid7
Unlocking the Power of AI in Cybersecurity. (Blog Post)
Todays SOC teams have to face dramatic challenges that include overwhelming volumes of alerts, blurred perimeter protections, and resource constraints; meanwhile, AI is bursting into SOC workflows as one of the most important elements in addressing these issues more productively and letting teams truly focus on what matters most.

See details from Rapid7’s recent webinar here.

Keysight Technologies
Keysight Launches All-in-One Solution for Network Visibility and Security. (Blog Post)
Keysight Technologies launched AppFusion, a network visibility partner program that integrates third-party security and monitoring solutions directly into its network packet brokers. The program integrates market-leading technologies from Forescout, Instrumentix, and Nozomi Networks enabling customers to streamline network and security operations (NetOps/SecOps) while significantly reducing infrastructure costs. This all-in-one, multi-vendor solution helps IT professionals reduce capital and operations expenses while improving security monitoring and performance.

Find out more here.

Logpoint
EDR Killers: After All, EDRs Are Not Invincible. (Blog Post)
Endpoint Detection and Response (EDR) tools are our frontline warriors in the ever-evolving cybersecurity battlefield. Yet, a new menace is taking shape: EDR killers – tools designed to impair these defences, leaving organisations exposed to devastating attacks.

Read more here.

ExtraHop
Malicious Use of RMM: Remote Monitoring and Management. (Blog Post)
For IT and security teams, remote monitoring and management (RMM) software, such as AnyDesk, ConnectWise, ScreenConnect, and Splashtop are a lot like cordless electric chainsaws. On one hand, they make tedious tasks like remote pitch installation and troubleshooting far faster and easier. But on the other hand, because they allow remote users such as helpdesk admins to take control of an end users computer, threat actors are increasingly exploiting legitimate RMM software to establish an interactive command and control (C2) channel, move laterally across an organisations network, maintain persistence, and fly under the radar of traditional detection by blending in with legitimate operations.

Find out more here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Cyber Threats, Network Visibility, EDR vs. SIEM, and much more.

KedronUK
Current Cyber Threats and How to Prevent Them (Blog Post)
In our increasingly digital world, cyber-attacks pose a significant threat to both individuals and organisations. Understanding these threats and learning how to protect yourself is essential. This blog post delves into some of the most common cyber-attacks, providing detailed insights and practical prevention tips.

Read the full blog here!

ExtraHop
Stop Breaches with Network Visibility. (Blog Post)
One of the biggest challenges facing security teams is that attackers know defenders can’t watch everything, particularly if defenders lack network visibility. Without network visibility, not only are organisations blind to how attackers are moving through their environment, but they also have extremely limited visibility into the systems and data bad actors are accessing.

Read more here.

Infosim
Netconf/YANG: The Future of Network Configuration. (Blog Post)
Your network’s health is crucial for keeping things running smoothly and ensuring you maintain top-notch service availability. At the heart of it all you need a smart network management solution that lets you make quick, automated configurations and stay ahead of potential issues.

One of the biggest causes of network problems? Human error from manual configuration mistakes. That’s why the tech world is constantly looking for better ways to manage networks more efficiently, dynamically, and—importantly—standardized across different systems.

Find out more here.

BullWall
Protecting the Manufacturing Industry from Ransomware Attacks. (Blog Post)
The manufacturing industry, a cornerstone of the global economy, faces a growing threat from ransomware attacks. The cyberattacks can cause severe damage, leading to costly downtime, production delays, and a multitude of other critical issues.

Read the full blog post here.

Rapid7
Proactive Visibility is Foundational to Strong Cybersecurity. (Blog Post)
Exposures are more than CVEs, so organisations need to move beyond the traditional thinking of vulnerability management to a holistic view. Part of that view must be greater visibility into devices, users, applications, and all the digital infrastructure connected to an organisation’s environment. Gaps in that view create risk exposure. Organisations must proactively identify anything that presents a risk to determine whether to act.

Read more here.

Heimdal
EDR vs. SIEM. (Blog Post)
When it comes to threat detection, it’s important to get the right tools for the job. Unfortunately, that can be easier said than done. Whether it’s a SIEM, EDR, XDR, MDR or any of a whole range of other confusing and overlapping terms, there are a lot of products on the market. EDR and SIEM solutions are two of the most common. And to add to the confusion, some companies will need both products, some need one or the other, and others neither.

Read more here, for everything you need to know about EDR vs. SIEM.

Forescout
Cybersecurity in Manufacturing: 5 Challenges to Overcome. (Blog Post)
Executing cybersecurity in manufacturing environments can feel like an uphill battle. With ransomware lurking in the shadows and supply chain risk constantly evolving, it’s easy to feel overwhelmed. Compliance regulations only add more pressure, leaving many wondering where to even begin.

Read more here.

Appgate
Another Wake-Up Call to Embrace Zero Trust Network Access. (Blog Post)
The exploitation of this SonicWall vulnerability by ransomware actors, notably the Akira group, mirrors the Ivanti VPN vulnerabilities that sent shockwaves through the cybersecurity landscape earlier this year. These incidents highlight a recurring pattern: threat actors are increasingly targeting VPNs via exposed infrastructure, shifting their focus from endpoints to the very devices meant to protect us.

Find out more here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Disruptive Cyber Technology 2024, Cybersecurity platforms you should know about, and much more.

KedronUK
SOCial Cricket Event: Disruptive Cyber Tech 2024 (Blog Post)
Our first #NoSalesPitch event of 2024 saw the KedronUK team heading north into central Manchester. The No Sales Pitch format was a great success last year, with ten-minute presentations from five security vendors to keep things moving and interesting. With Sixes Manchester as the venue, there was the chance for networking over food and drink, along with some virtual cricket fun after the presentations had finished.
Read the full blog and download presentation slides here!

ExtraHop
Change Healthcare Ransomware Attack Represents Every CISO’s Worth Nightmare. (Blog Post)
The February 2024 ransomware attack on Change Healthcare is a perfect example of the kind of black swan cyber event that every CISO quietly dreads and prays will never happen: a devasting cyberattack that exposes the sensitive data of millions of customers, paralyzes and entire industry for weeks, and eats away at a company’s earnings for quarters and years to come.
Read more here.

Infosim
StableNet Innovation Lab – One Year of Open Innovation. (Blog Post)
With StableNet Innovation Lab, Infosim have created a driver for open innovation and given innovation management at Infosim a stronger structure and direction. The focus lies on the network Management market and their StableNet solution as well as on researching best practices and transferring them to real applications.

One year after the launch of the lab, a lot has changed and new additions have been added. In this blog post, Dr. David Hock gives an overview of the past year and an outlook on what to expect in 2024.
Find out more here.

Keysight Technologies
Decoding DNS Water Torture: Exploring DDoS Attack Patterns and Traffic Analysis. (Blog Post)
In the ever-evolving landscape of cybersecurity threats, Distributed Denial of Service (DDoS) attacks act as powerful weapons used by attackers to disrupt online services and infrastructure. Among the multitude of DDoS attack methods, one method stands out for its cunning strategy and relentless impact is DNS Water Torture attacks.
Read more here.

Rapid7
AI Trust Risk and Security Management: Why Tackle Them Now? (Blog Post)
In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority. As AI technologies integrate more deeply into our daily operations and services, they bring a set of unique challenges that demand a robust management strategy: The Black Box Strategy, Model Fragility, Easy Access, Staying Ahead of the Curve. The Black Box Dilemma, Model Fragility, Easy Access, Big Responsibility, Staying ahead of the Curve.

Our TRiSM (Trust, Risk, and Security Management) framework isn’t merely a component of our operations – it’s a foundational strategy that guides us in navigating the intricate landscape of AI with confidence and security.
Read more here.

Heimdal
11 Cybersecurity Platforms You Should Know About (2024). (Blog Post)
There’s growing evidence that organisations are consolidating their cybersecurity tools. One survey found that 60% of companies are looking to reduce the number of point solutions they use. And it’s not just about saving money – the top driver was in fact about improving usability.

Cybersecurity platforms are meeting this demand. By bringing most – if not all – of your cybersecurity tools into one environment, you can consiltate your activities into one robust platform.

In this article, you’ll learn about 11 of the best cybersecurity platforms currently available.
Find out more here.

Forescout
Beyond Bullet Holes: Unveiling Cybersecurity’s Hidden Risk Exposure. (Blog Post)
The art of risk assessment has long been a crucial element of military strategy and decision-making – and it remains critical to today’s best practices in cybersecurity defense. Abraham Wald, a mathematical genius, played a pivotal role in revolutionizing the understanding of hidden risk and exposure with his innovative work on aircraft survivability. During World War II, the US air force wanted effective methods to protect aircraft against enemy fire. Wald’s innovative approach stood out.

Wald’s ‘survivorship bias’ methodology offers a compelling analogy for today’s risk management. We need to think more strategically to gain a deeper understanding of risk – and not allow selective ‘success’ filters dissuade the mission. It’s time to accept there are hidden risks from limited visibility — and that hidden risks are a persistent threat to business and to human safety.
Read the full blog post here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Ransomware, Increasing Modularisations, Network Visualisation, and much more.

KedronUK
Streamlining Efficiency: A Dive into our Latest Automation Project (Blog Post)
Read our latest blog post from Phil Swainson where he explores how even seemingly ‘unbroken’ processes can benefit from automation, demonstrating the value of taking a proactive approach to innovation.

We find it hard to believe we are making over two decades of success in the ever-evolving IT industry, so we wanted to take a look back and share with our customers where it started, what has changed and where we think we will be going next!
Read the full blog here!

ExtraHop
Ransomware is About to Get Worse. Much Worse. (Blog Post)
If your organisation got hit with ransomware, what would you do? Would you pay the ransom?

As ransomware attacks once again take centre stage in cybersecurity, more and more organisations are opting to pay the ransom: 91% of security and IT decision makers surveyed on behalf of ExtraHop say they made at least one ransom payment in 2023, up from 83% in 2022, according to the 2024 Global Cyber Confidence Index.
Read more here.

Infosim
The Importance of Increasing Modularisations StableNet® Development. (Blog Post)
Network management software is tasked with oversight of complex network infrastructures comprised of a wide array of vendors, technologies, and innovations. Artificial intelligence and machine learning, novel approaches to data visualisation, the proliferation of IoT, telemetry… the list of tasks for a truly holistic and integrative solution are daunting indeed.

In this blog post, we will explore the myriad benefits of modularisation, focusing on its ability to simplify updates, foster specialized expertise, and pave the way for a more adaptable and forward-thinking approach to our unchanging commitment: the never-ending improvement of StableNet®.
Find out more here.

Keysight Technologies
Five Surprising Benefits of Network Visualisation. (Blog Post)
In the dynamic world of modern technology—where the intricacies of network systems continue to evolve at a rapid pace—the role of network visualisation stands as a game-changer in unravelling the mysteries of network modelling. Network visualisation provides a real-time view of network traffic and resource utilisation and can be used to identify bottlenecks, inefficiencies, and potential security vulnerabilities. Throughout this blog post Keysight delve into five surprising advantages that network visualisation brings to the realm of network modelling.
Read more here.

Rapid7
The Business of Cybersecurity Owndership. (Blog Post)
Cyber ownership can often be overlooked or misunderstood within an organisation. Responsibility and accountability should not rest solely on the CISO’s shoulders. And while the IT department will also have a role to play, security responsibilities must be ingrained in the culture of the entire organisation. They should include each responsible asset owner, not forgetting that data is also an asset.
The more eyes there are on security within your business, the greater the ability of your cyber teams to strive for increasing levels of maturity and a stronger overall security posture.
Read more here.

Heimdal
SharePoint Flaws Could Help Threat Actors Evade Detection Easier When Stealing Files. (Blog Post)
Two methods that researchers have found might allow attackers to get around audit logs or produce less serious entries when they download data from SharePoint. Due to the sensitivity of SharePoint data, a lot of businesses audit sensitive occurrences, such as data downloads, to set off alarms in security information and event management platforms (SIEMs), cloud access security solutions, and data loss prevention tools.

Two easy methods that users can employ to get around SharePoint’s audit logs or create less sensitive events by downloading data in a certain way or passing it off as data synchronization operations have been developed by security experts.
Find out more here.

Forescout
The Global Threat Evolution of Internet-exposed OT/ICS. (Blog Post)
Operational technology (OT) and Industrial Control Systems (ICS) are core parts of an engine fuelling critical infrastructure in industrialised nations worldwide. Water treatment facilities. Wastewater plants. Electrical transmission and distribution hubs. Nuclear power and manufacturing plants. Energy pipelines.

Over the years, these traditional technologies have become more connected and integrated to information systems that use the internet – opening them up for more efficient monitoring and automation of operational processes.
Read the full blog post here.

BullWall
Ransomware Prevention Best Practices. (Blog Post)
In an era that features constant cybersecurity threats that are increasingly complex and continually evolving, combating ransomware remains one of the most daunting challenges many organisations face. Though we understand that complete ransomware prevention is not possible, we are aware that having a well-executed list of best practices can significantly mitigate risks associated with a ransomware attack. Throughout this blog BullWall highlight some of the many different layers available to help your organisation avoid and mitigate the impact of a ransomware attack.
Read more here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on ensuring a PCI DSS compatible solution, the latest Cyber Security threats, how Network Visibility unlocks Zero Trust,  and much more.

KedronUK
Ensuring a PCI DSS Compatible Solution with Rapid7 InsightIDR. (Case Study)
With card payments now accounting for the majority of customer transactions, helping to ensure conformity with the Payment Card Industry Data Security Standard (PCI DSS) was a prerequisite for J.W. Lees. Having worked with KedronUK previously, J.W. Lees approached the team seeking an enhanced solution to maximise security and assist with compliance towards PCI DSS. KedronUK strongly felt that – with the customer use case in mind – Rapid7 InsightIDR offered a more feature-rich solution compared to other vendors. InsightIDR has contributed significantly to enable J.W. Lees work towards achieving enhanced compliance in relation to the PCI DSS.
Read the full case study here!

ExtraHop
How Network Visibility Unlocks Zero Trust. (Blog Post)
One of the fundamental principles of cybersecurity is that you can’t protect what you can’t see. For the modern government agency, that means knowing at any given time who and what is on your network, how data is flowing across it, and the health of your endpoints. This isn’t a static picture: endpoints, data flows, and users are dynamic. If you protect your network AND get the highest level of performance from it, you need to understand how all these different factors work together and shift over time.
Read more here.

Infosim
StableNet® BI: Transforming Data into Power. (Blog Post)
StableNet®’s all new Business Intelligence (SNBI) offers a revolutionary solution by seamlessly integrating diverse data sources, granting businesses unprecedented insights. By combining infrastructure management with BI tools, companies gain the capability to optimize business processes and anticipate market shifts, enhancing their competitive edge. This integration not only streamlines operations but also fortifies the organization’s resilience by enabling proactive, holistic decision-making to prevent costly downtime and invest intelligently for future growth.
Click here for more information.

Keysight Technologies
Latest Cybersecurity Threats. (Blog Post)
Have you started 2024 feeling well prepared for the latest cyberthreats? In this month’s cyber threats rollup, Keysight have observed some major new attacks. The Keysight Application and Threat Intelligence (ATI) Research Centre has been keeping customers and partners safe by creating simulations of the latest cybersecurity attacks and incorporating them into Threat Simulator, Keysight’s breach and attack simulation (BAS) platform.
Find out more here.

Rapid7
5 Insights from the latest Cybersecurity trends research. (Blog Post)
Rapid7 is committed to promoting research that identifies the latest cybersecurity trends so that organisations can leverage these insights and created programs that make sense for the modern SOC. To that end, we’ve singled out five quick insights security professionals and stakeholders should consider when looking ahead. These findings are based on top trends in Cybersecurity for 2024, a new research report from Gartner.
Read more here.

Heimdal
Google Workspace: Cybersecurity Friend or Foe? (Blog Post)
Kevin Mitnick, once dubbed the Worlds most famous hacker said that “hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.” As defenders, it’s our job to put them out of business or, at the very least, provide some good sport. In this article, Heimdal explores how common tools such as those from the Google Workspace suit can lead to a full-fledge business compromise.
Find out more here.

Forescout
Bringing the Light into the Dark Places: Invisible Threats, Visible Solutions. (Blog Post)
What is the biggest cybersecurity challenge facing companies worldwide? The answer may vary depending on who you ask, but one indisputable fact remains clear: “What you can’t see, can and will hurt you”. Cyberthreats lurk in the depths of the digital world, constantly evolving, poised to strike unsuspecting victims. They often strike by compromising unseen connected devices which, experience has proven, represent up to 50% of all devices on a network.
To safeguard your business, it’s imperative to bring a light into the dark places by leveraging robust strategies and tools to protect your digital realm. This blog explores the significance of effective threat detection and response solutions and how they shield your organisation from the invisible dangers lurking in the digital shadows.
Read the full blog post here.

BullWall
NIS2: Stronger Cyber Defence for Europe. (Blog Post)
We live in a world where banking, healthcare, public transportation, and other critical services and agencies rely on computer systems. Computer systems which make them vulnerable to cyberattacks. To counter these threats the European Union has introduced NIS2, a set of rules designed to strengthen cybersecurity across Europe.
Read more here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Cybersecurity Predictions, AI-Powered Cyberthreats, Data Security and much more.

KedronUK
Cybersecurity Trends to Look Out for in 2024. (Blog Post)
In our rapidly evolving digital landscape, staying ahead of cyber threats is paramount. As we enter 2024, the world of cyber security is poised for significant changes and challenges. In this blog post, we explore four key cybersecurity trends that are likely to shape the landscape in the coming year.
Read our latest blog post here!

ExtraHop
Cybersecurity Predictions: Generative AI, Chat Services Will Assist with Sneak Attacks. (Blog Post)
In 2024, cybersecurity practitioners should watch out for three emerging tactics threat actors are likely to take to try to sneak up on organisations:

1. Attackers will increasingly turn to AI to write malware and phishing messages.
2. Threat actors will deploy rogue chat programs to deliver malicious code and steal data.
3. Attackers will target APIs in an effort to steal the data transmitted between applications.

A recent webinar from ExtraHop and Dark Reading featured a presentation about these three cybersecurity trends. For the highlights from the webinar, read the full blog post here.

Infosim
StableNet® 24 Release! (Blog Post)
Get a full overview of key changes and improvements to the industry-leading Automated network & Service management solution StableNet®. From feature additions to module enhancements and critical security updates, StableNet® 24 has plenty to explore and excite, including an all-new solution suite!
Read more here.

Keysight Technologies
10 Executive Predictions on How AI will Shape Technology in 2024. (Blog Post)
With the introduction of ChatGPT, Dall-e, and many other tools to the public, artificial intelligence (AI) has become a hotly debated topic that will continue to dominate headlines throughout the decade. Engineers are integrating AI into technologies and reaping the benefits to enhance operations, extract and leverage intelligence, and drive organisation-wide benefits across industries.
In this article, Keysight’s executives weigh in with their predictions about how AI’s influence will strengthen and impact technologies across industries as we come into 2024.
Find out more here.

Rapid7
Building the Best SOC Takes Strategic Thinking. (Blog Post)
So, your security team is ready to scale up its security operations centre, or SOC, to better meet the security needs of your organisation. That’s great news. But there are some very important strategic questions that need to be answered if you want to build the most effective SOC you can and avoid some of the most common pitfalls teams of any size can encounter.
The Gartner® report SOC Model Guide, is an excellent resource for understanding how to ask the right questions regarding your security needs and what to do once those questions are answered.
Read more here.

Heimdal
How to Complete an IT Risk Assessment (2024). (Blog Post)
In a perfect world, you’d have the resources to defend yourself against every possible cybersecurity threat and vulnerability. The reality, however, is that even the largest organisations have limited resources to dedicate to cybersecurity. An effective security strategy, therefore, needs to put managing risk at the heart of its approach.
That’s where IT risk assessments come in.
Find out more here.

Forescout
The Road Ahead: What Awaits in the Era of AI-Powered Cyberthreats? (Blog Post)
Artificial intelligence (AI) is rapidly infiltrating the business world and our daily lives. While revolutionizing how – and how efficiently – work gets done, it also introduces a new set of cybersecurity challenges. In response to the evolving, AI-shaped threat landscape, I foresee organisations adopting robust countermeasures.
Read the full blog post here.

BullWall
The Importance of Data Security in Business. (Blog Post)
In today’s ever-changing digital landscape, data has ascended to an almost sacred status. The importance of making sure that data security in business is up to date is becoming one of the most important tasks an organisation can undertake. Data breaches, intrusions, and cyber threats aren’t just the bane of IT departments; they are notorious for impacting an entire organisation. From the cost of downtime to a loss of reputation and trust, having your data compromised can negatively impact organisations of all sizes.
Read more here.