What We Do
How we do it
Resources
SECURITY ADVISORIES
May 11, 2022
CVE-2022-26923 - Active Directory Domain Services Elevation of Privilege Vulnerability
THE THREAT Microsoft has disclosed a new vulnerability impacting Active Directory Certificate Services (ADCS) tracked as CVE-2022-26923 (Active Directory Domain Services Elevation of Privilege Vulnerability). If exploited successfully, an authenticated attacker can escalate privileges in environments where ADCS is running on the domain. eSentire is aware of technical details and tooling [2] for…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1200+ organizations in 75+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
May 17, 2022
Cybersecurity Leader eSentire Continues Its Commitment to Rigorous Security Standards Earning PCI DSS Certification
Waterloo, ON, May 17, 2022 — eSentire, the Authority in Managed Detection and Response (MDR), maintains one of the most secure and robust IT environments of any MDR provider in the industry. To that end, eSentire today announced that it has received the Payment Card Industry Data Security Standard (PCI DSS) certification, considered one of the most stringent and comprehensive payment card…
Read More
Partners
PARTNER PROGRAM
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
ECOSYSTEM PARTNER RESOURCES
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Jul 09, 2019

Five Trends Driving Security in the Era of Emerging Tech

Speak With A Security Expert Now

Originally posted in Database Trends and Applications on July 1, 2019.

Nearly every week of 2018 featured headlines of a new cyberattack on companies that people trust with their data, such as Marriott and Facebook. In years past, the biggest concern for companies was being hit with hefty fines, but now, they risk reputation damage if they breach compliance mandates and regulations when they are attacked.

Due to attack pervasiveness and cost, cyber-risk is now a business issue with board-level visibility and increasing spending for preventative services. According to research from eSentire, cybersecurity is no longer only on the minds of IT departments. Today, 60% of business leaders and board members expect that an attack will hit in the next 2–5 years. While the executive team knows cybersecurity should be a major concern, only 30% are confident their business will avoid a major security event within the next 2 years.

Cybersecurity used to be a part of the business related only to the IT department and the CIO. The adage, “the chief intelligence security officer (CISO) is the least interesting person to the board, until they are the most important person,” is no longer true. The research shows that, as attacks have grown, 50% of boards are very familiar with security budget, overall strategy, policies, and technologies, and currently review present-day security and privacy risks. Through this familiarity, 77% of CEOs and boards are optimistic about their firms’ ability to cope with a breach, but only 33% are confident that high value assets are adequately protected.

Additionally, there’s a cybersecurity preparedness paradox between the CEO and board and the tech team. Business leaders are overconfident in their ability to manage a major security breach, but IT departments aren’t as optimistic: Tech leaders are 20% more likely to predict an attack and are 10% less optimistic than business peers in their organization’s preparedness.

As threats grow more pervasive, there’s a wild card at play: emerging tech. These emerging technologies, such as AI, are evolving at a rate with which IT departments struggle to keep pace. At the same time, IT departments are held accountable for business disruption due to expanded threat surfaces that are created by these new technologies in tandem with increasingly sophisticated attacks. As these technologies continue to be adopted by organizations at a rapid rate, they create new security risks because organizations cannot put measures in place to prevent breaches from happening. These emerging technologies have all grabbed headlines for making business-critical operations more seamless, but the risks associated with these technologies is expected to grow. It is the CISO’s job to keep the C-suite informed of and prepared for security threats in the era of emerging tech.

RISKS ASSOCIATED WITH AI

Companies across industries are turning to AI to improve customer experiences, automate work processes, and provide analysis. In fact, 44% of respondents indicate that they have adopted AI to help streamline business operations. The research found that the risks posed by the adoption of AI doubles over the next 3 years. This is due to:

COIN MINING AND BOTNET MALWARE

Bitcoin was one of the biggest trends as blockchain took off. With it, coin mining emerged in two forms: malware on comprised assets and in-browser mining that persists only through the browsing session. As miners worked to uncover Bitcoins, companies saw a 1,500% increase in coin mining malware, according to eSentire research. The research also found that in 2018, the use of botnets increased 500% over 2017, leading to a 250% increase in overall intrusion attempts.

Coin mining malware mines cryptocurrency (typically Monero) directly on infected endpoint devices, such as CoinMiner, or in web browsers, such as Coinhive, when a user visits a website that is running malicious code. Once infected, the coin mining malware silently mines cryptocurrencies while consuming a significant amount of processor cycles. The result is devices with slow, sluggish performances and reduced battery lives.

CLOUD ADOPTION WILL POSE LESS RISK

As mentioned above, 72% of respondents reported that they have adopted cloud-based technologies to increase business performance. Since cloud is now in its second decade, companies are adopting more mature and proven methodologies to secure the cloud. Though cloud security is still critical, the report found that the overall risk posed by cloud over the next 3 years will drop by almost 20%.

In the coming years, cloud will expand to ERP and become the foundation in which security services are built. Cloud will move beyond application-level services to offer a foundation for enterprise-wide systems. The report found that within 12 months, infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) will rival software-as-a-service (SaaS) cloud deployments at around 95% adoption.

As cloud becomes the basis of security services, it will be imperative that organizations take proactive measures to ensure that valuable assets are secure against potential threats.

TRADITIONAL MSSPS WILL SHIFT TO PROACTIVE HUNTING SERVICES

Traditional endpoint security measures are similar to mall cops: They can detect the most obvious cybercriminals and prevent them from wreaking havoc but cannot identify bad actors who can evade detection. Businesses need to update their mall-cop approach to cybersecurity to Navy Seal-like cybersecurity measures that are able to spot deceptive adversaries, swiftly neutralize the threat through automated blocking, or engage in endpoint isolation/containment to stop attacks from spreading.

For the organizations that are adopting cybersecurity technology, traditional managed software service providers (MSSPs) only provide protection on a mall-cop level and don’t provide the full protections that modern cybersecurity threats require. The research found that these traditional MSSPs only have a 45% customer loyalty rate and focus on less mature security offerings. This rate will mark the shift from compliance-centric security to proactive threat-hunting services.

These proactive threat-hunting services offer organizations more peace of mind, because they know they’ll be getting Navy Seal-like protection against potential threats, especially those occurring through emerging tech channels that require new approaches. As security threats become more pervasive and damaging, proactive threat-hunting services work to stop the attacks before they seriously damage an organization.

MOVING BEYOND A COMPLIANCE 3.0 MODEL

Over the years, the cybersecurity industry has been moving through device-focused (Compliance 1.0), alert-focused (Compliance 2.0), and threat-focused (Compliance 3.0) stages. It is expected that the market will transition from today’s regulatory- and compliance-driven security to prevention technology. This shift can be attributed to the need to maintain business integrity and continuous operations through proactive and predictive threat management.

Currently, organizations are moving from a Compliance 1.0 model that is based on meeting the minimum regulation requirements toward Compliance 2.0: preserving a brand, protecting operations, and avoiding financial losses are the drivers of such change. In the coming years, Compliance 3.0 will center around threat-focused measures. As companies move toward the Compliance 3.0 stage, brand and reputation will determine how their security performance is measured. When companies protect the client, they will be protecting their data and services by extension, avoiding the operational disruptions and financial losses.

Cybersecurity is a business hurdle that companies can’t afford to ignore as emerging technologies become core to their ability to compete. When its entire C-suite and board are made aware of what they need to know about cybersecurity attacks, an organization can take the first step toward creating a proactive, Navy Seal-like approach to stop threats in their tracks.

View Most Recent Blogs
eSentire
eSentire

eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1200+ organizations in 75+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.