What We Do
How We Do
Get Started

How is the Cybersecurity Industry Shifting Gears? Three Experts Weigh In

Did you miss RSA Conference 2022 or the Gartner Security & Risk Management Summit 2022? Here’s a quick recap of the major themes.

BY eSentire

June 29, 2022 | 4 MINS READ

Cyber Risk

Managed Detection and Response

Cybersecurity Strategy

Want to learn more on how to achieve Cyber Resilience?


For what seemed like the first time in a long time, cybersecurity industry professionals from around the world recently got together at two leading events on opposite sides of the U.S.: RSA Conference 2022 in San Francisco and the Gartner Security & Risk Management Summit 2022 in National Harbor.

To recap the major themes and observations from these events, Erin McLean, our Chief Marketing Officer, caught up with three eSentire experts who were right in the mix:

So, how is the cybersecurity market shifting and more importantly, how are cybersecurity leaders and practitioners adapting? Here’s what our eSentire experts had to say about key takeaways from both events:

Takeaway #1: Outcomes are driving the conversations

Compared to years past, when the questions were focused more on features and technologies, the conversations at RSA this year were much more centered on achieving meaningful outcomes like reducing cyber risk and gaining 24/7 eyes on glass visibility across the entire IT environment. In fact, when specific tools and technologies were discussed, it was in the context of driving business benefits—so less of the “what?” and “how?” and more of the “why?” and “so what?”

Perhaps the most common specific outcome cybersecurity leaders are looking for is to strengthen cloud security. Increasingly, IT and cybersecurity leaders recognize that traditional cybersecurity measures just aren’t well-suited to the cloud because their visibility is limited, and they lack the controls needed to safeguard against today’s advanced threats.

With most businesses several years into their cloud migration programs—and learning the hard way that some previously held beliefs are actually misconceptions—we expect cloud security capabilities to be a major topic for the rest of the year.

Takeaway #2: Cyber risk management is increasingly a board-level issue

The CISO role is relatively new—both to the individuals who wear the hat and to the organizations they’re a part of. To that end, many of the discussions at the Gartner Security & Risk Management Summit were around the expectations of the role and how to make the organization successful. For example, there’s still a misconception that the CISO position is very hands-on and tactical, rather than one focused on executive-level strategic leadership.

Business outcome-based cybersecurity conversations are making their way into executive boardrooms with increasing frequency and urgency. This should be unsurprising considering more and more IT/Security professionals are looking to direct finite funds in the most effective manner while keeping the executive leadership and board team in the loop.

As a result, these “cyber-savvy boards” are beginning to discuss topics like cyber risk appetite, cyber risk tolerance, cyber risk quantification, and the risk-based approach to cybersecurity with increasing frequency.

Takeaway #3: Questions abound—particularly around MDR and XDR

Surprisingly, the concept of Managed Detection and Response (MDR) remains poorly understood by many organizations. On more than one occasion, our team was asked to explain how we deliver 24/7 detection and response capabilities.

What’s perhaps more shocking is how many security leaders only staffed their cybersecurity teams during businesses hours, as if adversaries need more than a few hours to significantly disrupt a business or are polite enough to only attack businesses on Monday to Friday, between 9am - 6pm.

Fortunately, once the concept of MDR was clarified, the questions shifted to more practical issues such as, “Can you work with my existing controls?” and “How do you work with my security team?”

In addition to confusion around MDR, there was also a lot of confusion over Extended Detection and Response (XDR). In this scenario, cybersecurity leaders and practitioners were most eager to learn:

These questions demonstrate that decision makers are finding it hard to distinguish between true XDR solutions and those that are taking liberties with the label.

Understandably, another frequent question also arose: “How are XDR and MDR different?” This only speaks to confusion in the cybersecurity marketplace. Although the abbreviations are similar enough, MDR and XDR aren’t the same thing. As we mentioned in our XDR: The Secret to Highly Effective Managed Detection and Response (MDR) Services eBook, the distinction is quite clear:

MDR is a comprehensive service offering that’s built upon this technology foundation, but it also includes access to human experts, taking intuitive, manual actions to respond & remediate threats, and optimize security operations, when an automated action is not possible.

XDR is a technological approach that enables high-fidelity detection, faster and more accurate investigations and automated responses.

Wrapping Up

Cybersecurity is hard, and it’s only getting harder as threats evolve and adversaries become more sophisticated at the same time as IT environments grow vastly more expansive and digital transformation continues.

After all, it’s a challenge even for cybersecurity experts to choose and implement the technologies needed to manage cyber risk.

Fortunately, one thing Tia, Greg, and Mark all agreed on was that the conversations are maturing:

And perhaps most importantly, security leaders are thinking more about outcomes and less about specific tools, demonstrating a recognition that cybersecurity isn’t an IT problem to solve, but a business risk to manage.

To learn how eSentire can help put your business ahead of disruption and build a robust security operation, book a meeting with one of our cybersecurity specialists now.


eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit: www.esentire.com and follow @eSentire.

Read the Latest from eSentire