Blog — Jun 17, 2021

CyFIR Leadership Q&A: Small-Cap Companies

This blog was originally published on CyFIR.com and has been reposted as-is here following eSentire’s acquisition of CyFIR Inc. in June 2021. As of the date of the acquisition, no changes have been made to the content below.

All enterprises, large and small, must safeguard against cyber threats. However, small-cap companies face many unique challenges that increase their risk exposure. By understanding these risks and developing an appropriate cybersecurity strategy, small-cap companies can significantly reduce the likelihood – and potential severity – of a breach.

Q: Why are small-cap companies targeted by cyber criminals? How can small-cap companies become a less attractive target?

A: Small companies tend to be focused on growth, revenue, and running the business — as they should. Cybersecurity is often an afterthought, leaving many companies without the programs and staff necessary to prepare for, or respond to, a security breach. Cyber criminals know that small companies rarely have strong, well-planned, and fully-patched security devices, programs, and protocols. As a result, they become attractive targets, especially as testing grounds for new cybercrime techniques.

To reduce the risk of an attack, small companies need to improve their security posture. Companies should develop an incident response plan and consider retaining a service provider that can act immediately when a breach is suspected. Outsourcing to a company that specializes in overall IT security management is often the best choice for a smaller company, as the ongoing monthly costs are usually less than maintaining a qualified and continually-trained in-house IT security staff.

Q: Why is a “culture of security” important to cybersecurity resilience, and how can companies develop such a culture among their employees? 

A: In an era of teleworking and employee-owned electronic devices, it can be challenging to develop a security-conscious corporate culture. Too often, managers try to create a culture of security by simply imposing new rules and security constraints, which can inadvertently send a message of mistrust. Instead, companies should begin by making sure all employees understand what is at stake — that with a single misstep the Company and their livelihoods could be irreversibly damaged. Companies should begin by ensuring that everyone, including management and the Board, possesses a baseline understanding of cybersecurity principles. This requires training on how to maintain good cybersecurity hygiene, as well as personal vigilance, regardless of whether an employee is working in the office or at home.

Q: What is the role of planning in developing and executing an effective cybersecurity strategy?

A: Proper cybersecurity planning and execution can be the difference between a suite of tools and procedures that work seamlessly together or a patchwork of duplicative tools, sold by different vendors, that increase cost without delivering a secure environment. All companies should develop a plan that systematically ensures good cyber hygiene by, for example, properly segmenting and isolating various networks, regularly performing and testing data backups, and requiring everyone to use dual authentication with regular refreshes. Small companies with limited budgets and internal resources should consider partnering with a firm that can guide them through security planning, installation, and ongoing operations and maintenance.

Q: What is the role of the Board in cybersecurity oversight?

A: If the Board doesn’t have a member from the cybersecurity discipline, it should get one. Fast. A breach can erode Corporate value through the loss of intellectual property or customer trust, and new regulations, such as the European Union General Data Protection Regulation (GDPR), can turn breaches into massive penalties and expenses.

The Board can take a proactive approach to cybersecurity governance by designating Director(s) to conduct oversight and aligning them with the appropriate executive team members so that a clear line of responsibility is established. Second, the cybersecurity posture of the Company should be reviewed at least quarterly, ideally separate from regular Board meetings until security protocols have been institutionalized. Third, the Board should require regular third-party audits to assess the Company’s overall level of cyber hygiene. Rather than focusing on procuring the latest technology, these audits should evaluate the Company’s processes, procedures, and employee adherence to best practices. Lastly, benchmark, benchmark, benchmark. Imitation isn’t only a form of flattery, but where basic cyber hygiene is concerned it is sensible policy. This doesn’t mean copying the exact approaches taken by others, but it DOES mean maintaining awareness of the practices employed by similarly-positioned companies and gaining insights and useful knowledge from their mistakes. By doing so, your team members can have access to timely information on threat intelligence, necessary practices, and when appropriate, new technologies.

Q: You’ve been breached (!) … now what?

A: Call CyFIR. Seriously. Yes, it’s a shameless sales pitch, but no other company is in possession of technology that will help you triage and contain a data security breach faster. Within hours of deployment, you will know every impacted system on your network and likely be completing containment and remediation steps. Competing service providers and technology companies will take months to arrive at the same point of resolution. Want to know if your breach is attributable to an external actor or an internal operator with legitimate credentials? CyFIR is unique in its ability to rapidly answer this question. And if you want to take action in court, respond to a regulator, or pursue any number of other activities associated with a data breach, you will need forensically-assured data. Collecting that data is often prohibitively expensive, unless you’re using CyFIR.


eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.