What We Do
How we do it
Our Threat Response Unit (TRU) publishes security advisories, blogs, reports, industry publications and webinars based on its original research and the insights driven through proactive threat hunts.
View Threat Intelligence Resources →
Mar 15, 2023
CVE-2023-23397 - Microsoft Outlook Elevation of Privilege Zero-Day Vulnerability
THE THREAT On March 14th, as part of Microsoft’s monthly Patch Tuesday release, the company disclosed a critical, actively exploited vulnerability impacting Microsoft Office and Outlook. The…
Read More
View all Advisories →
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
Mar 20, 2023
Exertis and eSentire Partner to Deliver 24/7 Multi-Signal MDR, Digital Forensics & IR Services and Exposure Management to Organisations Across the UK, Ireland, and Europe
Basingstoke, UK– 20 March, 2023. Leading technology distributor, Exertis, announced today that it has bolstered its cybersecurity services, adding eSentire, the Authority in Managed Detection and Response (MDR), to its Enterprise portfolio of offerings. eSentire’s award-winning, 24/7 multi-signal MDR, Digital Forensics & Incident Response (IR), and Exposure Management services will be available…
Read More
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Blog — Jun 29, 2022

How is the Cybersecurity Industry Shifting Gears? Three Experts Weigh In

Did you miss RSA Conference 2022 or the Gartner Security & Risk Management Summit 2022? Here’s a quick recap of the major themes.

4 minutes read
Speak With A Security Expert Now

For what seemed like the first time in a long time, cybersecurity industry professionals from around the world recently got together at two leading events on opposite sides of the U.S.: RSA Conference 2022 in San Francisco and the Gartner Security & Risk Management Summit 2022 in National Harbor.

To recap the major themes and observations from these events, Erin McLean, our Chief Marketing Officer, caught up with three eSentire experts who were right in the mix:

So, how is the cybersecurity market shifting and more importantly, how are cybersecurity leaders and practitioners adapting? Here’s what our eSentire experts had to say about key takeaways from both events:

Takeaway #1: Outcomes are driving the conversations

Compared to years past, when the questions were focused more on features and technologies, the conversations at RSA this year were much more centered on achieving meaningful outcomes like reducing cyber risk and gaining 24/7 eyes on glass visibility across the entire IT environment. In fact, when specific tools and technologies were discussed, it was in the context of driving business benefits—so less of the “what?” and “how?” and more of the “why?” and “so what?”

Perhaps the most common specific outcome cybersecurity leaders are looking for is to strengthen cloud security. Increasingly, IT and cybersecurity leaders recognize that traditional cybersecurity measures just aren’t well-suited to the cloud because their visibility is limited, and they lack the controls needed to safeguard against today’s advanced threats.

With most businesses several years into their cloud migration programs—and learning the hard way that some previously held beliefs are actually misconceptions—we expect cloud security capabilities to be a major topic for the rest of the year.

Takeaway #2: Cyber risk management is increasingly a board-level issue

The CISO role is relatively new—both to the individuals who wear the hat and to the organizations they’re a part of. To that end, many of the discussions at the Gartner Security & Risk Management Summit were around the expectations of the role and how to make the organization successful. For example, there’s still a misconception that the CISO position is very hands-on and tactical, rather than one focused on executive-level strategic leadership.

Business outcome-based cybersecurity conversations are making their way into executive boardrooms with increasing frequency and urgency. This should be unsurprising considering more and more IT/Security professionals are looking to direct finite funds in the most effective manner while keeping the executive leadership and board team in the loop.

As a result, these “cyber-savvy boards” are beginning to discuss topics like cyber risk appetite, cyber risk tolerance, cyber risk quantification, and the risk-based approach to cybersecurity with increasing frequency.

Takeaway #3: Questions abound—particularly around MDR and XDR

Surprisingly, the concept of Managed Detection and Response (MDR) remains poorly understood by many organizations. On more than one occasion, our team was asked to explain how we deliver 24/7 detection and response capabilities.

What’s perhaps more shocking is how many security leaders only staffed their cybersecurity teams during businesses hours, as if adversaries need more than a few hours to significantly disrupt a business or are polite enough to only attack businesses on Monday to Friday, between 9am - 6pm.

Fortunately, once the concept of MDR was clarified, the questions shifted to more practical issues such as, “Can you work with my existing controls?” and “How do you work with my security team?”

In addition to confusion around MDR, there was also a lot of confusion over Extended Detection and Response (XDR). In this scenario, cybersecurity leaders and practitioners were most eager to learn:

These questions demonstrate that decision makers are finding it hard to distinguish between true XDR solutions and those that are taking liberties with the label.

Understandably, another frequent question also arose: “How are XDR and MDR different?” This only speaks to confusion in the cybersecurity marketplace. Although the abbreviations are similar enough, MDR and XDR aren’t the same thing. As we mentioned in our XDR: The Secret to Highly Effective Managed Detection and Response (MDR) Services eBook, the distinction is quite clear:

MDR is a comprehensive service offering that’s built upon this technology foundation, but it also includes access to human experts, taking intuitive, manual actions to respond & remediate threats, and optimize security operations, when an automated action is not possible.

XDR is a technological approach that enables high-fidelity detection, faster and more accurate investigations and automated responses.

Wrapping Up

Cybersecurity is hard, and it’s only getting harder as threats evolve and adversaries become more sophisticated at the same time as IT environments grow vastly more expansive and digital transformation continues.

After all, it’s a challenge even for cybersecurity experts to choose and implement the technologies needed to manage cyber risk.

Fortunately, one thing Tia, Greg, and Mark all agreed on was that the conversations are maturing:

And perhaps most importantly, security leaders are thinking more about outcomes and less about specific tools, demonstrating a recognition that cybersecurity isn’t an IT problem to solve, but a business risk to manage.

To learn how eSentire can help put your business ahead of disruption and build a robust security operation, book a meeting with one of our cybersecurity specialists now.

View Most Recent Blogs

eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.