What We Do
How we do it
Resources
SECURITY ADVISORIES
Oct 19, 2021
Hackers Infect Employees of Law Firms, Manufacturing Companies, and Financial Services Orgs. with Increasingly Pervasive Infostealer, SolarMarker
SolarMarker Infects 5X More Corporate Victims Using Over a Million Poisoned WordPress Pages Key Takeaways eSentire has observed a fivefold increase in SolarMarker infections. Prior to September, eSentire’s Threat Response Unit (TRU) detected and shut down one infection per week. Beginning in September, TRU averaged the detection and shutdown of five per week. SolarMarker is a…
Read More
View all Advisories →
Company
ABOUT eSENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Oct 12, 2021
eSentire Launches MDR with Microsoft Azure Sentinel Extending Response Capabilities Across Entire Microsoft Security Ecosystem
Waterloo, ON – Oct. 12, 2021 -- eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announced the expansion of its award-winning MDR services with Microsoft Azure Sentinel, as part of its integration with the complete Microsoft 365 Defender and Azure Defender product suites supporting Microsoft SIEM, endpoint, identity, email and cloud security services.…
Read More
Partners
PARTNER PROGRAM
Partners
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
PARTNER RESOURCES
Apply today to partner with the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Jul 09, 2019

Five Trends Driving Security in the Era of Emerging Tech

Originally posted in Database Trends and Applications on July 1, 2019.

Nearly every week of 2018 featured headlines of a new cyberattack on companies that people trust with their data, such as Marriott and Facebook. In years past, the biggest concern for companies was being hit with hefty fines, but now, they risk reputation damage if they breach compliance mandates and regulations when they are attacked.

Due to attack pervasiveness and cost, cyber-risk is now a business issue with board-level visibility and increasing spending for preventative services. According to research from eSentire, cybersecurity is no longer only on the minds of IT departments. Today, 60% of business leaders and board members expect that an attack will hit in the next 2–5 years. While the executive team knows cybersecurity should be a major concern, only 30% are confident their business will avoid a major security event within the next 2 years.

Cybersecurity used to be a part of the business related only to the IT department and the CIO. The adage, “the chief intelligence security officer (CISO) is the least interesting person to the board, until they are the most important person,” is no longer true. The research shows that, as attacks have grown, 50% of boards are very familiar with security budget, overall strategy, policies, and technologies, and currently review present-day security and privacy risks. Through this familiarity, 77% of CEOs and boards are optimistic about their firms’ ability to cope with a breach, but only 33% are confident that high value assets are adequately protected.

Additionally, there’s a cybersecurity preparedness paradox between the CEO and board and the tech team. Business leaders are overconfident in their ability to manage a major security breach, but IT departments aren’t as optimistic: Tech leaders are 20% more likely to predict an attack and are 10% less optimistic than business peers in their organization’s preparedness.

As threats grow more pervasive, there’s a wild card at play: emerging tech. These emerging technologies, such as AI, are evolving at a rate with which IT departments struggle to keep pace. At the same time, IT departments are held accountable for business disruption due to expanded threat surfaces that are created by these new technologies in tandem with increasingly sophisticated attacks. As these technologies continue to be adopted by organizations at a rapid rate, they create new security risks because organizations cannot put measures in place to prevent breaches from happening. These emerging technologies have all grabbed headlines for making business-critical operations more seamless, but the risks associated with these technologies is expected to grow. It is the CISO’s job to keep the C-suite informed of and prepared for security threats in the era of emerging tech.

RISKS ASSOCIATED WITH AI

Companies across industries are turning to AI to improve customer experiences, automate work processes, and provide analysis. In fact, 44% of respondents indicate that they have adopted AI to help streamline business operations. The research found that the risks posed by the adoption of AI doubles over the next 3 years. This is due to:

COIN MINING AND BOTNET MALWARE

Bitcoin was one of the biggest trends as blockchain took off. With it, coin mining emerged in two forms: malware on comprised assets and in-browser mining that persists only through the browsing session. As miners worked to uncover Bitcoins, companies saw a 1,500% increase in coin mining malware, according to eSentire research. The research also found that in 2018, the use of botnets increased 500% over 2017, leading to a 250% increase in overall intrusion attempts.

Coin mining malware mines cryptocurrency (typically Monero) directly on infected endpoint devices, such as CoinMiner, or in web browsers, such as Coinhive, when a user visits a website that is running malicious code. Once infected, the coin mining malware silently mines cryptocurrencies while consuming a significant amount of processor cycles. The result is devices with slow, sluggish performances and reduced battery lives.

CLOUD ADOPTION WILL POSE LESS RISK

As mentioned above, 72% of respondents reported that they have adopted cloud-based technologies to increase business performance. Since cloud is now in its second decade, companies are adopting more mature and proven methodologies to secure the cloud. Though cloud security is still critical, the report found that the overall risk posed by cloud over the next 3 years will drop by almost 20%.

In the coming years, cloud will expand to ERP and become the foundation in which security services are built. Cloud will move beyond application-level services to offer a foundation for enterprise-wide systems. The report found that within 12 months, infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) will rival software-as-a-service (SaaS) cloud deployments at around 95% adoption.

As cloud becomes the basis of security services, it will be imperative that organizations take proactive measures to ensure that valuable assets are secure against potential threats.

TRADITIONAL MSSPS WILL SHIFT TO PROACTIVE HUNTING SERVICES

Traditional endpoint security measures are similar to mall cops: They can detect the most obvious cybercriminals and prevent them from wreaking havoc but cannot identify bad actors who can evade detection. Businesses need to update their mall-cop approach to cybersecurity to Navy Seal-like cybersecurity measures that are able to spot deceptive adversaries, swiftly neutralize the threat through automated blocking, or engage in endpoint isolation/containment to stop attacks from spreading.

For the organizations that are adopting cybersecurity technology, traditional managed software service providers (MSSPs) only provide protection on a mall-cop level and don’t provide the full protections that modern cybersecurity threats require. The research found that these traditional MSSPs only have a 45% customer loyalty rate and focus on less mature security offerings. This rate will mark the shift from compliance-centric security to proactive threat-hunting services.

These proactive threat-hunting services offer organizations more peace of mind, because they know they’ll be getting Navy Seal-like protection against potential threats, especially those occurring through emerging tech channels that require new approaches. As security threats become more pervasive and damaging, proactive threat-hunting services work to stop the attacks before they seriously damage an organization.

MOVING BEYOND A COMPLIANCE 3.0 MODEL

Over the years, the cybersecurity industry has been moving through device-focused (Compliance 1.0), alert-focused (Compliance 2.0), and threat-focused (Compliance 3.0) stages. It is expected that the market will transition from today’s regulatory- and compliance-driven security to prevention technology. This shift can be attributed to the need to maintain business integrity and continuous operations through proactive and predictive threat management.

Currently, organizations are moving from a Compliance 1.0 model that is based on meeting the minimum regulation requirements toward Compliance 2.0: preserving a brand, protecting operations, and avoiding financial losses are the drivers of such change. In the coming years, Compliance 3.0 will center around threat-focused measures. As companies move toward the Compliance 3.0 stage, brand and reputation will determine how their security performance is measured. When companies protect the client, they will be protecting their data and services by extension, avoiding the operational disruptions and financial losses.

Cybersecurity is a business hurdle that companies can’t afford to ignore as emerging technologies become core to their ability to compete. When its entire C-suite and board are made aware of what they need to know about cybersecurity attacks, an organization can take the first step toward creating a proactive, Navy Seal-like approach to stop threats in their tracks.

Mark Sangster
Mark Sangster Vice President and Industry Security Strategist

Mark is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations.