Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
eSentire will be hosting this event.
Join us for a live webinar with Keegan Keplinger, Research and Reporting…
eSentire will be hosting a virtual webinar.
For what seemed like the first time in a long time, cybersecurity industry professionals from around the world recently got together at two leading events on opposite sides of the U.S.: RSA Conference 2022 in San Francisco and the Gartner Security & Risk Management Summit 2022 in National Harbor.
To recap the major themes and observations from these events, Erin McLean, our Chief Marketing Officer, caught up with three eSentire experts who were right in the mix:
So, how is the cybersecurity market shifting and more importantly, how are cybersecurity leaders and practitioners adapting? Here’s what our eSentire experts had to say about key takeaways from both events:
Compared to years past, when the questions were focused more on features and technologies, the conversations at RSA this year were much more centered on achieving meaningful outcomes like reducing cyber risk and gaining 24/7 eyes on glass visibility across the entire IT environment. In fact, when specific tools and technologies were discussed, it was in the context of driving business benefits—so less of the “what?” and “how?” and more of the “why?” and “so what?”
Perhaps the most common specific outcome cybersecurity leaders are looking for is to strengthen cloud security. Increasingly, IT and cybersecurity leaders recognize that traditional cybersecurity measures just aren’t well-suited to the cloud because their visibility is limited, and they lack the controls needed to safeguard against today’s advanced threats.
With most businesses several years into their cloud migration programs—and learning the hard way that some previously held beliefs are actually misconceptions—we expect cloud security capabilities to be a major topic for the rest of the year.
The CISO role is relatively new—both to the individuals who wear the hat and to the organizations they’re a part of. To that end, many of the discussions at the Gartner Security & Risk Management Summit were around the expectations of the role and how to make the organization successful. For example, there’s still a misconception that the CISO position is very hands-on and tactical, rather than one focused on executive-level strategic leadership.
Business outcome-based cybersecurity conversations are making their way into executive boardrooms with increasing frequency and urgency. This should be unsurprising considering more and more IT/Security professionals are looking to direct finite funds in the most effective manner while keeping the executive leadership and board team in the loop.
As a result, these “cyber-savvy boards” are beginning to discuss topics like cyber risk appetite, cyber risk tolerance, cyber risk quantification, and the risk-based approach to cybersecurity with increasing frequency.
Surprisingly, the concept of Managed Detection and Response (MDR) remains poorly understood by many organizations. On more than one occasion, our team was asked to explain how we deliver 24/7 detection and response capabilities.
What’s perhaps more shocking is how many security leaders only staffed their cybersecurity teams during businesses hours, as if adversaries need more than a few hours to significantly disrupt a business or are polite enough to only attack businesses on Monday to Friday, between 9am - 6pm.
Fortunately, once the concept of MDR was clarified, the questions shifted to more practical issues such as, “Can you work with my existing controls?” and “How do you work with my security team?”
In addition to confusion around MDR, there was also a lot of confusion over Extended Detection and Response (XDR). In this scenario, cybersecurity leaders and practitioners were most eager to learn:
These questions demonstrate that decision makers are finding it hard to distinguish between true XDR solutions and those that are taking liberties with the label.
Understandably, another frequent question also arose: “How are XDR and MDR different?” This only speaks to confusion in the cybersecurity marketplace. Although the abbreviations are similar enough, MDR and XDR aren’t the same thing. As we mentioned in our XDR: The Secret to Highly Effective Managed Detection and Response (MDR) Services eBook, the distinction is quite clear:
MDR is a comprehensive service offering that’s built upon this technology foundation, but it also includes access to human experts, taking intuitive, manual actions to respond & remediate threats, and optimize security operations, when an automated action is not possible.
XDR is a technological approach that enables high-fidelity detection, faster and more accurate investigations and automated responses.
Cybersecurity is hard, and it’s only getting harder as threats evolve and adversaries become more sophisticated at the same time as IT environments grow vastly more expansive and digital transformation continues.
After all, it’s a challenge even for cybersecurity experts to choose and implement the technologies needed to manage cyber risk.
Fortunately, one thing Tia, Greg, and Mark all agreed on was that the conversations are maturing:
And perhaps most importantly, security leaders are thinking more about outcomes and less about specific tools, demonstrating a recognition that cybersecurity isn’t an IT problem to solve, but a business risk to manage.
To learn how eSentire can help put your business ahead of disruption and build a robust security operation, book a meeting with one of our cybersecurity specialists now.
eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.