What We Do
How we do it
Resources
TRU INTELLIGENCE CENTER
Our Threat Response Unit (TRU) publishes security advisories, blogs, reports, industry publications and webinars based on its original research and the insights driven through proactive threat hunts.
View Threat Intelligence Resources →
SECURITY ADVISORIES
Aug 03, 2022
CVE-2022-31656 – Critical VMware Vulnerability
THE THREAT On August 2nd, 2022, VMware disclosed a new critical vulnerability impacting multiple VMware products. The vulnerability, tracked as CVE-2022-31656 (CVSS: 9.8) is an authentication…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Aug 11, 2022
eSentire Researchers Unmask the Top Malware Supplier to Russia’s Most Notorious Financial Crime Families: Fin6 and Cobalt Group
Waterloo, ON, and Las Vegas, NV, August 11, 2022 — eSentire, the Authority in Managed Detection and Response (MDR), released a report today, unmasking the threat actor behind the Golden Chickens malware, the weapon of choice for Russia’s most infamous financial cybercrime families— FIN6 and Cobalt Group. Joe Stewart and Keegan Keplinger, security researchers with eSentire‘s Threat Response Unit…
Read More
Partners
PARTNER PROGRAM
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
ECOSYSTEM PARTNER RESOURCES
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Jun 29, 2022

How is the Cybersecurity Industry Shifting Gears? Three Experts Weigh In

Did you miss RSA Conference 2022 or the Gartner Security & Risk Management Summit 2022? Here’s a quick recap of the major themes.

4 minutes read
Speak With A Security Expert Now

For what seemed like the first time in a long time, cybersecurity industry professionals from around the world recently got together at two leading events on opposite sides of the U.S.: RSA Conference 2022 in San Francisco and the Gartner Security & Risk Management Summit 2022 in National Harbor.

To recap the major themes and observations from these events, Erin McLean, our Chief Marketing Officer, caught up with three eSentire experts who were right in the mix:


So, how is the cybersecurity market shifting and more importantly, how are cybersecurity leaders and practitioners adapting? Here’s what our eSentire experts had to say about key takeaways from both events:

Takeaway #1: Outcomes are driving the conversations

Compared to years past, when the questions were focused more on features and technologies, the conversations at RSA this year were much more centered on achieving meaningful outcomes like reducing cyber risk and gaining 24/7 eyes on glass visibility across the entire IT environment. In fact, when specific tools and technologies were discussed, it was in the context of driving business benefits—so less of the “what?” and “how?” and more of the “why?” and “so what?”

Perhaps the most common specific outcome cybersecurity leaders are looking for is to strengthen cloud security. Increasingly, IT and cybersecurity leaders recognize that traditional cybersecurity measures just aren’t well-suited to the cloud because their visibility is limited, and they lack the controls needed to safeguard against today’s advanced threats.

With most businesses several years into their cloud migration programs—and learning the hard way that some previously held beliefs are actually misconceptions—we expect cloud security capabilities to be a major topic for the rest of the year.

Takeaway #2: Cyber risk management is increasingly a board-level issue

The CISO role is relatively new—both to the individuals who wear the hat and to the organizations they’re a part of. To that end, many of the discussions at the Gartner Security & Risk Management Summit were around the expectations of the role and how to make the organization successful. For example, there’s still a misconception that the CISO position is very hands-on and tactical, rather than one focused on executive-level strategic leadership.

Business outcome-based cybersecurity conversations are making their way into executive boardrooms with increasing frequency and urgency. This should be unsurprising considering more and more IT/Security professionals are looking to direct finite funds in the most effective manner while keeping the executive leadership and board team in the loop.

As a result, these “cyber-savvy boards” are beginning to discuss topics like cyber risk appetite, cyber risk tolerance, cyber risk quantification, and the risk-based approach to cybersecurity with increasing frequency.

Takeaway #3: Questions abound—particularly around MDR and XDR

Surprisingly, the concept of Managed Detection and Response (MDR) remains poorly understood by many organizations. On more than one occasion, our team was asked to explain how we deliver 24/7 detection and response capabilities.

What’s perhaps more shocking is how many security leaders only staffed their cybersecurity teams during businesses hours, as if adversaries need more than a few hours to significantly disrupt a business or are polite enough to only attack businesses on Monday to Friday, between 9am - 6pm.

Fortunately, once the concept of MDR was clarified, the questions shifted to more practical issues such as, “Can you work with my existing controls?” and “How do you work with my security team?”

In addition to confusion around MDR, there was also a lot of confusion over Extended Detection and Response (XDR). In this scenario, cybersecurity leaders and practitioners were most eager to learn:

These questions demonstrate that decision makers are finding it hard to distinguish between true XDR solutions and those that are taking liberties with the label.

Understandably, another frequent question also arose: “How are XDR and MDR different?” This only speaks to confusion in the cybersecurity marketplace. Although the abbreviations are similar enough, MDR and XDR aren’t the same thing. As we mentioned in our XDR: The Secret to Highly Effective Managed Detection and Response (MDR) Services eBook, the distinction is quite clear:

MDR is a comprehensive service offering that’s built upon this technology foundation, but it also includes access to human experts, taking intuitive, manual actions to respond & remediate threats, and optimize security operations, when an automated action is not possible.

XDR is a technological approach that enables high-fidelity detection, faster and more accurate investigations and automated responses.

Wrapping Up

Cybersecurity is hard, and it’s only getting harder as threats evolve and adversaries become more sophisticated at the same time as IT environments grow vastly more expansive and digital transformation continues.

After all, it’s a challenge even for cybersecurity experts to choose and implement the technologies needed to manage cyber risk.

Fortunately, one thing Tia, Greg, and Mark all agreed on was that the conversations are maturing:

And perhaps most importantly, security leaders are thinking more about outcomes and less about specific tools, demonstrating a recognition that cybersecurity isn’t an IT problem to solve, but a business risk to manage.

To learn how eSentire can help put your business ahead of disruption and build a robust security operation, book a meeting with one of our cybersecurity specialists now.

Join 100,000+ Security Leaders

Get notified of the latest news, intel and helpful tools & assets. You can unsubscribe anytime.

By clicking the button below I confirm that I have read and agree to the eSentire privacy policy.

View Most Recent Blogs
eSentire
eSentire

eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.