What We Do
How we do it
Resources
SECURITY ADVISORIES
May 11, 2022
CVE-2022-26923 - Active Directory Domain Services Elevation of Privilege Vulnerability
THE THREAT Microsoft has disclosed a new vulnerability impacting Active Directory Certificate Services (ADCS) tracked as CVE-2022-26923 (Active Directory Domain Services Elevation of Privilege Vulnerability). If exploited successfully, an authenticated attacker can escalate privileges in environments where ADCS is running on the domain. eSentire is aware of technical details and tooling [2] for…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1200+ organizations in 75+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
May 17, 2022
Cybersecurity Leader eSentire Continues Its Commitment to Rigorous Security Standards Earning PCI DSS Certification
Waterloo, ON, May 17, 2022 — eSentire, the Authority in Managed Detection and Response (MDR), maintains one of the most secure and robust IT environments of any MDR provider in the industry. To that end, eSentire today announced that it has received the Payment Card Industry Data Security Standard (PCI DSS) certification, considered one of the most stringent and comprehensive payment card…
Read More
Partners
PARTNER PROGRAM
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
ECOSYSTEM PARTNER RESOURCES
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Mar 26, 2020

How We Move Forward:
New “Forcing Function” Drives the Need for New Cybersecurity Paradigms

Speak With A Security Expert Now

For those unfamiliar with the term “Forcing Function,” it’s any task, activity or event that forces one to take action and produce a result. There’s no question that as of late we’ve been pushed into a global forcing function with how we globally respond to the COVID-19 event currently unfolding.

We’ve seen (especially in the last year) companies continuing digital transformation, whether it be adopting more cloud services, migrating to distributed infrastructure or preparing for a more mobile workforce. The reasons for digital transformation are generally ascribed to: business value such as growth, operational efficiency, faster time-to-market and ultimately, and increased profits. One cause for caution during digital transformation is that introducing new technologies create gaps in defenses which require careful planning to minimize risk before rushing headlong.

Now suddenly, that’s all changed.

COVID-19 is the new forcing function due to the rapid implementation of a default work-from-home environment. Traditional security infrastructures with a particular focus on the firewall hasn’t gone away. But like a thousand seeds bursting from a dandelion, the security horizon has suddenly exploded, and we’ve all been forced—in some ways kicking and screaming—to move to a more distributed workforce that relies on borderless endpoints and other technology not protected by traditional firewalls and physical defenses.

Security strategy historically lags behind new technology adoption. The Internet itself was architected with an eye to resilience: get this packet from this system to that other system by any route possible. Similarly, cloud offerings were brought to market with promises of flexibility and cheaper infrastructure. And, consumer-grade mobile devices were incorporated into business functions. None of these examples debuted with more secure services. The need for new security measures came when threat actors stormed the gates.

As we are forced forward into our new reality, I strongly urge you to think now about the new processes and mechanisms required to secure it. This doesn’t mean we can ignore the previous methods in place; there’s still a need for components such as strong firewall policy, identity management, endpoint patching, vulnerability scanning and VPN access.

But we need to consider what this “new normal” requires to continue with a rigorous security stance and to prepare for edge cases we’d not considered before. For example, even if you have a well-defined incident response plan in place, fully documented within playbooks with tabletop exercises performed every quarter … how would you be able to affect a proper incident response scenario if nobody is in your office? If you had to create a forensic copy of a system implemented in AWS, do you have the proper credentials and process in place to perform this?

It’s a brave new world of digital transformation. We best respond to it by quickly assessing our exposure and making sure that we’ve maintained the same depth and breadth of information security coverage and update our policies, processes, and procedures appropriately.

View Most Recent Blogs
Eldon Sprickerhoff
Eldon Sprickerhoff Founder and Chief Innovation Officer
In founding eSentire, Eldon Sprickerhoff responded to the incipient yet rapidly growing demand for a more proactive approach to preventing and investigating information security breaches. Now with over twenty years of tactical experience, he is acknowledged as a subject matter expert in information security analysis.