What We Do
How we do it
Sep 23, 2021
SolarMarker Malware Activity
THE THREAT eSentire has observed a recent and significant increase in SolarMarker infections delivered through drive-by download attacks. These attacks rely on social engineering techniques to persuade users to execute malware disguised as document templates. SolarMarker is a modular information-stealing malware; infections may result in the theft of sensitive data including user credentials.…
Read More
View all Advisories →
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
Aug 25, 2021
eSentire named a Leader in IDC MarketScape for U.S. Managed Detection and Response Services
August 26, 2021 – Waterloo, ON -  eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), announced today that it has been named a Leader in the IDC MarketScape: U.S. Managed Detection and Response Services 2021 Vendor Assessment (doc #US48129921, August 2021). IDC defines the core services an MDR must provide as follows: reduced time for onboarding, 24/7…
Read More
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Blog — Jun 09, 2021

Legal and Manufacturing Firms Must Manage Risk in the Age of Cyberthreats: Cybercrime Magazine Speaks with eSentire’s Mark Sangster

Mark Sangster, VP Industry Security Strategy at eSentire, recently joined host Hillarie McClure in an episode of Cybercrime Radio: MDR & Reducing Risk. Navigating Digital Disruption.

Listen to the entire conversation on Cybercrime Radio:

As Mark states, “Information is the new currency,” and that means companies that never before considered themselves attractive targets for threat actors are now coming to terms with the very inconvenient truth. Along with accepting that they are, in reality, targets—with much to lose to a cybercrime disruption—companies are also beginning to recognize that, “Security is not an IT problem to solve, it’s a business risk to manage.” And with that recognition comes a necessary change in the vocabulary used to discuss cybersecurity, from ones and zeroes to dollars and cents. Companies need to address risks by taking steps to put in place management, detection and response capabilities that help them meet compliance frameworks that most industries are developing for cybersecurity.

Within this wider context, Mark and Hillarie focus on two industries in particular which now find themselves under siege by threat actors: Legal Services and Manufacturing.

Legal Services

Law firms and other legal services organizations have unique privilege when it comes to information: they deal with mergers and acquisitions, patents, personally identifiable information, financial data, regulatory filings, and much more—all of which hold tremendous value for cybercriminals.

Plus, much of the legal process plays out in public through court filings and other documentation. A consequence of this transparency is that threat actors can easily find and weaponize information to use to try to victimize law firms.

Add in the facts that law firms are very susceptible to reputational damage and that most are undergoing a digital transformation (more connected systems handling more data), and it’s clear why cybercriminals look at the legal industry as a veritable buffet.

This last point is made all-too-clear when Mark quickly runs through a number of incidents—including one that might have come straight from the pages of a cybercrime thriller, in which eSentire’s security experts defeated a nation state in cybercombat!

To learn more about how eSentire has successfully protected legal firms from ransomware gangs and state-sponsored actors, download our Legal Solution Brief.


The manufacturing industry is undergoing a digital transformation of its own, one aspect of which is increased interconnectivity and interdependence between operational technology (OT) and information technology (IT).

This “blending,” as Mark puts it, offers enormous benefits for manufacturers, but also introduces risks that the industry never had to deal with before.

In particular, factories of all sizes are massively vulnerable to ransomware outages, as downtime equals lost production; plus, the IP theft that is often part of today’s ransomware attacks has the potential to severely diminish enterprise value.

Mark explains why manufacturers are so vulnerable to cyberattacks and touches on the work that eSentire is doing with the National Association of Manufacturers (NAM) to help small and medium manufacturers to manage these new risks. He also explains why the Cybersecurity Maturity Model Certification program is a great step towards helping manufacturers “right size” their security investments.

To learn more about how eSentire has successfully protected manufacturing firms and their supply chains, download our Manufacturing Solution Brief.

Something for everyone

While much of the discussion focuses on the Legal Services and Manufacturing industries, the general cyberthreats Mark and Hillarie explore apply to every organization, as do the lessons and advice Mark offers.


eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.