This article is contributed by Ray Texter, Chief of Information Security at Texas United Management, and a customer of eSentire MDR.
Cybersecurity threats are front and center in mining as operations become increasingly dependent on technology and digitization. How can the industry fight off what it can’t see?
Security leaders in the manufacturing sector are tasked with being proactive and maintaining the highest level of visibility and control to balance security and functionality and align with business objectives. Yet partnerships with third parties (contractors) are the backbone of the entire industry – we all work together to deliver “the goods” to the end customer. When a third party is introduced, organizations are placed in a more reactive position, relying on the supplier for security posture, policies, etc., and we start to lose control of our systems. Additionally, manufacturers often operate as a distributed workforce spread across various projects, work sites and often countries, increasing the odds of a security breach.
In particular, the industry is increasingly the target of ransomware cyberattacks that lead to costly project delays, exposing proprietary information shared across joint venture partnerships, consortiums and sub-contractors. Successful attacks unfold in mere hours from initial access to data exfiltration and ransomware deployment, making the time to detect and time to contain critical factors in building an effective cybersecurity program.
Unless you’re prepared to defend against ransomware, these attacks result in your organization being locked out of critical systems and applications for days and weeks. In many cases, the resulting downtime can cost organizations hundreds of thousands and even millions of dollars daily.
These attacks are, unfortunately, not uncommon. Using just one well-known cybercriminal group as an example, two affiliates of the Conti Ransomware Group – one of the longest-running and most lethal ransomware groups today – claimed that they had compromised 81 victim organizations between the end of February and mid-July 2022. Victims included a parts manufacturer and a supplier of components to military organizations, aerospace companies, and auto manufacturers.
As cybercriminals evolve, these attacks offer threat actors increasingly stealthy, scalable and privileged access to any organization’s on-premises, cloud or hybrid environment. These groups dupe victims with clever phishing emails and drive-by downloads from infected websites. They combine a recipe of malware, including credential harvesting, backdoor and remote access tools, data collection, ransomware and even data wipers to cripple businesses.
But while we may never be able to eradicate cybercriminals’ actions, we can become more resilient. Companies like Texas United Management (TUM) operate 24 hours a day, seven days a week, across three full rotating shifts, and are in constant M&A mode. With multiple locations, lateral movement of a cyberattack can happen swiftly, making it more difficult to mitigate the risk.
Throughout my career and at TUM, we’ve identified three core areas critical to our protection and resiliency.
Even with years of cybersecurity planning experience, I knew there was no way I could keep our company’s operations and information safe on my own. Outsourcing security operations to a partner who can manage, detect and respond to threats and anomalies can drastically improve an organization’s security posture and cyber resiliency, especially when considering challenges such as the cybersecurity skills gap and growing data problems (remote users, cloud, etc.), all compounded by the rapidly evolving threat landscape.
But finding a long-term partner that is a good fit for your business takes some deep level shopping techniques. We have been working with eSentire for a few years now and enjoy a powerful relationship. My tips on what to look for in a partner:
To survive any “disaster,” a team must be prepared, practiced and poised. This can only happen if your Incident Response (IR) plan is written in precise, clear language detailing step-by-step actions and assignments. Having a ‘ready for anything’ mentality, accounting for the unknown, minimizes the impact on the business. Secondly, drill your team. Hold mock exercises to physically practice your response to a cyberattack. Muscle memory could mean the difference between quick, decisive action during a crisis and a “deer in the headlights” response. And even if your IR plan is 80% ready for most situations, you should lean on your cybersecurity partner to pick up the slack.
Resilience is defined as “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks or compromises on systems that use or are enabled by cyber resources.” While a good IR plan anticipates issues, adaptation (conducting post-mortem analyses to identify lessons learned and make appropriate people, process and technology changes) and evolution (today’s solutions may not solve tomorrow’s problems, so constantly challenging our way of thinking and evaluating whether we’re solving or prioritizing the right problems the right way) are particularly critical parts of the package.
Segmentation of networks – putting barriers between an organization’s operational and enterprise networks – has become a fundamental industry best practice, especially in today’s distributed workforce. Network segmentation allows network administrators to control the flow of traffic between subnets, improving monitoring, boosting performance, localizing technical issues, and – most importantly – enhancing security. Network segmentation strategies such as guest-only networks and strict access rules for user groups help to manage specific user permissions for data access. For example, you can allow users to access the network resources they need to carry out their duties but restrict access to mission-critical systems or sensitive data.
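To make the segmentation rules above concrete, the following added example (not from the original article) audits flow records against a default-deny policy between enterprise, operations and guest zones. The zone names, subnets, permitted ports and flow records are all constructed assumptions.

```python
import ipaddress

# Constructed zones; names and subnets are assumptions, not from the article.
ZONES = {
    "enterprise": ipaddress.ip_network("10.10.0.0/16"),
    "operations": ipaddress.ip_network("10.20.0.0/16"),
    "guest": ipaddress.ip_network("10.30.0.0/24"),
}

# Cross-zone allow-list: (source zone, destination zone, destination port).
# Any boundary crossing not listed here is denied (default deny).
ALLOWED = {
    ("enterprise", "operations", 443),  # assumed reporting interface
    ("operations", "enterprise", 514),  # assumed syslog forwarding
}

def zone_of(ip):
    """Map an address to its zone, or 'external' if no subnet matches."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"

def evaluate(src, dst, port):
    """Return 'allow' or 'deny' for one flow under the zone policy."""
    s, d = zone_of(src), zone_of(dst)
    if s == d and s != "external":
        return "allow"  # traffic inside one zone does not cross a boundary
    return "allow" if (s, d, port) in ALLOWED else "deny"

def audit(flows):
    """Return the flows that crossed a boundary the policy does not permit."""
    return [f for f in flows if evaluate(*f) == "deny"]

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.10.4.20", "10.20.1.5", 443),
    ("10.10.4.20", "10.20.1.5", 3389),
    ("10.30.0.14", "10.20.1.5", 502),
    ("10.20.1.5", "10.10.9.9", 514),
    ("10.10.4.20", "10.10.4.21", 445),
]

if __name__ == "__main__":
    for flow in audit(FLOWS):
        print("policy violation:", flow)
```

Run against exported firewall or NetFlow records, the same check shows where traffic actually crosses the operational and enterprise boundary outside the intended rules.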
In conclusion, while we may never be able to eradicate cyberattacks and the bad actors who perpetrate them, there are core things we as security professionals can do to shore up our protections and mitigate risk. Segmenting networks and having a strong, well-practiced IR plan in place are two cornerstones of a strong security posture. Perhaps most importantly, we need to embrace finding a like-minded, well-respected security partner that will be our “ride or die” when the attacks do occur, and who understands the business objectives and growth projections.
Originally posted on northamericanmining.com
Ray Texter is the Chief of Information Security at Texas United Management, a mining & metals company that offers brine commercial production services. In the past five years, his accomplishments include establishing a cybersecurity program for Texas United Management Corporation in addition to a critical system that supports Operations Technology. Ray has provided consulting services and developed blueprints and roadmaps to ensure alignment with IT transformation efforts. He is an adept leader with 25+ years of professional experience in improving business efficiencies and acting as a catalyst for change.