Blog — Jun 17, 2021

CyFIR Leadership Q&A: Small-Cap Companies

This blog was originally published on CyFIR.com and has been reposted as-is here following eSentire’s acquisition of CyFIR Inc. in June 2021. As of the date of the acquisition, no changes have been made to the content below.

All enterprises, large and small, must safeguard against cyber threats. However, small-cap companies face many unique challenges that increase their risk exposure. By understanding these risks and developing an appropriate cybersecurity strategy, small-cap companies can significantly reduce the likelihood – and potential severity – of a breach.

Q: Why are small-cap companies targeted by cyber criminals? How can small-cap companies become a less attractive target?

A: Small companies tend to be focused on growth, revenue, and running the business — as they should. Cybersecurity is often an afterthought, leaving many companies without the programs and staff necessary to prepare for, or respond to, a security breach. Cyber criminals know that small companies rarely have strong, well-planned, and fully-patched security devices, programs, and protocols. As a result, they become attractive targets, especially as testing grounds for new cybercrime techniques.

To reduce the risk of an attack, small companies need to improve their security posture. Companies should develop an incident response plan and consider retaining a service provider that can act immediately when a breach is suspected. Outsourcing to a company that specializes in overall IT security management is often the best choice for a smaller company, as the ongoing monthly costs are usually less than maintaining a qualified and continually-trained in-house IT security staff.

Q: Why is a “culture of security” important to cybersecurity resilience, and how can companies develop such a culture among their employees? 

A: In an era of teleworking and employee-owned electronic devices, it can be challenging to develop a security-conscious corporate culture. Too often, managers try to create a culture of security by simply imposing new rules and security constraints, which can inadvertently send a message of mistrust. Instead, companies should begin by making sure all employees understand what is at stake — that with a single misstep the Company and their livelihoods could be irreversibly damaged. Companies should begin by ensuring that everyone, including management and the Board, possesses a baseline understanding of cybersecurity principles. This requires training on how to maintain good cybersecurity hygiene, as well as personal vigilance, regardless of whether an employee is working in the office or at home.

Q: What is the role of planning in developing and executing an effective cybersecurity strategy?

A: Proper cybersecurity planning and execution can be the difference between a suite of tools and procedures that work seamlessly together or a patchwork of duplicative tools, sold by different vendors, that increase cost without delivering a secure environment. All companies should develop a plan that systematically ensures good cyber hygiene by, for example, properly segmenting and isolating various networks, regularly performing and testing data backups, and requiring everyone to use dual authentication with regular refreshes. Small companies with limited budgets and internal resources should consider partnering with a firm that can guide them through security planning, installation, and ongoing operations and maintenance.

Q: What is the role of the Board in cybersecurity oversight?

A: If the Board doesn’t have a member from the cybersecurity discipline, it should get one. Fast. A breach can erode Corporate value through the loss of intellectual property or customer trust, and new regulations, such as the European Union General Data Protection Regulation (GDPR), can turn breaches into massive penalties and expenses.

The Board can take a proactive approach to cybersecurity governance by designating Director(s) to conduct oversight and aligning them with the appropriate executive team members so that a clear line of responsibility is established. Second, the cybersecurity posture of the Company should be reviewed at least quarterly, ideally separate from regular Board meetings until security protocols have been institutionalized. Third, the Board should require regular third-party audits to assess the Company’s overall level of cyber hygiene. Rather than focusing on procuring the latest technology, these audits should evaluate the Company’s processes, procedures, and employee adherence to best practices. Lastly, benchmark, benchmark, benchmark. Imitation isn’t only a form of flattery, but where basic cyber hygiene is concerned it is sensible policy. This doesn’t mean copying the exact approaches taken by others, but it DOES mean maintaining awareness of the practices employed by similarly-positioned companies and gaining insights and useful knowledge from their mistakes. By doing so, your team members can have access to timely information on threat intelligence, necessary practices, and when appropriate, new technologies.

Q: You’ve been breached (!) … now what?

A: Call CyFIR. Seriously. Yes, it’s a shameless sales pitch, but no other company is in possession of technology that will help you triage and contain a data security breach faster. Within hours of deployment, you will know every impacted system on your network and likely be completing containment and remediation steps. Competing service providers and technology companies will take months to arrive at the same point of resolution. Want to know if your breach is attributable to an external actor or an internal operator with legitimate credentials? CyFIR is unique in its ability to rapidly answer this question. And if you want to take action in court, respond to a regulator, or pursue any number of other activities associated with a data breach, you will need forensically-assured data. Collecting that data is often prohibitively expensive, unless you’re using CyFIR.


eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.