What We Do
How we do it
Resources
SECURITY ADVISORIES
Jul 26, 2021
PetitPotam NTLM Relay Attack
THE THREAT PetitPotam is a variant of NTLM Relay attacks discovered by security researcher Gilles Lionel. Proof of Concept code released last week [1] relies on the Encrypting File System Remote (EFSRPC) protocol to provoke a Windows host into performing an NTLM authentication request against an attacker-controlled server, exposing NTLM authentication details or authentication certificates.…
Read More
View all Advisories →
Company
ABOUT eSENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Jul 12, 2021
Tecala and eSentire Partner to Protect Enterprises across APAC from Business-Disrupting Cyber Attacks
Sydney, 12 July, 2021 - Tecala, Australia’s award-winning technology services and IT consulting provider, today announced it has chosen eSentire, the global Authority in Managed Detection and Response (MDR) cybersecurity services, as their exclusive MDR solution provider in Australia and New Zealand. This partnership will enable Tecala to augment its cybersecurity practice and offer enterprises…
Read More
Partners
PARTNER PROGRAM
Partners
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Resources
Blog — Jun 09, 2021

Legal and Manufacturing Firms Must Manage Risk in the Age of Cyberthreats: Cybercrime Magazine Speaks with eSentire’s Mark Sangster

3 min read

Mark Sangster, VP Industry Security Strategy at eSentire, recently joined host Hillarie McClure in an episode of Cybercrime Radio: MDR & Reducing Risk. Navigating Digital Disruption.

Listen to the entire conversation on Cybercrime Radio:

As Mark states, “Information is the new currency,” and that means companies that never before considered themselves attractive targets for threat actors are now coming to terms with the very inconvenient truth. Along with accepting that they are, in reality, targets—with much to lose to a cybercrime disruption—companies are also beginning to recognize that, “Security is not an IT problem to solve, it’s a business risk to manage.” And with that recognition comes a necessary change in the vocabulary used to discuss cybersecurity, from ones and zeroes to dollars and cents. Companies need to address risks by taking steps to put in place management, detection and response capabilities that help them meet compliance frameworks that most industries are developing for cybersecurity.

Within this wider context, Mark and Hillarie focus on two industries in particular which now find themselves under siege by threat actors: Legal Services and Manufacturing.

Legal Services

Law firms and other legal services organizations have unique privilege when it comes to information: they deal with mergers and acquisitions, patents, personally identifiable information, financial data, regulatory filings, and much more—all of which hold tremendous value for cybercriminals.

Plus, much of the legal process plays out in public through court filings and other documentation. A consequence of this transparency is that threat actors can easily find and weaponize information to use to try to victimize law firms.

Add in the facts that law firms are very susceptible to reputational damage and that most are undergoing a digital transformation (more connected systems handling more data), and it’s clear why cybercriminals look at the legal industry as a veritable buffet.

This last point is made all-too-clear when Mark quickly runs through a number of incidents—including one that might have come straight from the pages of a cybercrime thriller, in which eSentire’s security experts defeated a nation state in cybercombat!

To learn more about how eSentire has successfully protected legal firms from ransomware gangs and state-sponsored actors, download our Legal Solution Brief.

Manufacturing

The manufacturing industry is undergoing a digital transformation of its own, one aspect of which is increased interconnectivity and interdependence between operational technology (OT) and information technology (IT).

This “blending,” as Mark puts it, offers enormous benefits for manufacturers, but also introduces risks that the industry never had to deal with before.

In particular, factories of all sizes are massively vulnerable to ransomware outages, as downtime equals lost production; plus, the IP theft that is often part of today’s ransomware attacks has the potential to severely diminish enterprise value.

Mark explains why manufacturers are so vulnerable to cyberattacks and touches on the work that eSentire is doing with the National Association of Manufacturers (NAM) to help small and medium manufacturers to manage these new risks. He also explains why the Cybersecurity Maturity Model Certification program is a great step towards helping manufacturers “right size” their security investments.

To learn more about how eSentire has successfully protected manufacturing firms and their supply chains, download our Manufacturing Solution Brief.

Something for everyone

While much of the discussion focuses on the Legal Services and Manufacturing industries, the general cyberthreats Mark and Hillarie explore apply to every organization, as do the lessons and advice Mark offers.

eSentire
eSentire

eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.