What We Do
How we do it
Oct 18, 2021
Grief Ransomware Gang Claims 41 New Victims, Targeting Manufacturers; Municipalities; & Service Companies in U.K. & Europe
Grief Operators Earned an Estimated 8.5 Million British Pounds in Four Months Key Findings: The Grief Ransomware Gang (a rebrand of the DoppelPaymer Ransomware Group) claims to have infected 41 new victims between May 27, 2021—Oct. 1, 2021 with their ransomware.Over half the companies listed on Grief’s underground leak site are based in the U.K. and Europe. The Grief Ransomware Gang appears to…
Read More
View all Advisories →
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
Oct 12, 2021
eSentire Launches MDR with Microsoft Azure Sentinel Extending Response Capabilities Across Entire Microsoft Security Ecosystem
Waterloo, ON – Oct. 12, 2021 -- eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announced the expansion of its award-winning MDR services with Microsoft Azure Sentinel, as part of its integration with the complete Microsoft 365 Defender and Azure Defender product suites supporting Microsoft SIEM, endpoint, identity, email and cloud security services.…
Read More
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Apply today to partner with the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Blog — Jun 20, 2019

Incorporating cloud security strategies into the AI and IoT era

As seen in Risk Management on June 19, 2019

Artificial intelligence (AI) and the internet of things (IoT) offer tremendous business value, transforming companies as we know them and creating altogether new ones. Adoption of both technologies are quickly on the rise: according to eSentire’s FutureWatch report, 44% of businesses are actively adopting AI technology and 49% are adopting IoT/IIoT (industrial internet of things). But the adoption of AI and IoT put enterprises at big risk, as IT resources are being stretched thin to keep up with security requirements while scaling these technologies.

This same challenge existed at the start of the cloud computing revolution. The FutureWatch report found that while even today cloud services top the technology adoption chart, the overall risk posed to businesses by cloud over the next three years will drop by nearly 20%. With the cloud now in its second decade, companies are adopting more mature and proven methodologies to secure it. Seventy-two percent of companies are currently using or plan to deploy cloud services. AI and IoT, on the other hand, will overtake cloud as the biggest emerging technology risk: The risks posed by the adoption of AI will double over the next three years and IoT risks will also rise nearly 30%.

Risk associated with emerging technologies like AI and IoT becomes more concerning as adoption rates accelerate, compressing the time in which organizations and vendors can adapt, develop appropriate security controls and deploy protective solutions. AI and IoT illustrate this growing problem. While cloud adoption is in its second decade, AI and IoT adoption will likely catch up in three years. This diffusion of innovation leaves a small margin in which to mitigate the potential risk resulting from these new technologies.

For better or worse, there is a direct correlation between businesses’ susceptibility to risk and appetite to adopt emerging technologies like AI and IoT. Fortunately, security leaders can apply several lessons from the cloud era:

Embrace Giving Up (Some) Control Where There Is Business Value
The rise of cloud marked a major paradigm shift in enterprise technology: IT was no longer running on premises, and with that came a sense that security matters were no longer in their control. The fear of giving up complete control created a major barrier for organizations accustomed to having all activity directly in their line of site.

However, that fear and skepticism had to be balanced with the return. That is, there was tremendous business value in moving to the cloud—speed and cost savings among them. This same counterbalance between business risk and benefit must exist as IT helps the organization weigh and deploy emerging technologies.

Just because a business can deploy emerging technology does and should not mean it should. Even as cloud adoption is now ubiquitous, the fact remains that not everything should reside there. In both instances, IT benefits from an ability to test these environments—porting over certain activities, data and operations without having to fully commit to, say, a public cloud environment or an IoT-enabled network of devices. Consider starting with areas of low risk as a testing ground.

Know That You Don’t (Yet) Know Your Blind Spots
Remember the days when transmitting data to and from the cloud seemed a no-man’s-land of security? In the early days of cloud, security teams were still figuring out where in that process data could be compromised and how to solve for that risk. As a result, encryption became a critical tool and best practices emerged to protect both data in motion and at rest. With newer technologies, there are similar challenges with not yet knowing all of the blind spots. And while it is certainly important to identify what those are, an important first step to getting there is first recognizing that you don’t know what you don’t know.

For example, in the era of AI, it is often machines—not humans—calculating and analyzing data. And a potential risk there is that the data could be manipulated in a way that would go unnoticed. While that may seem like a minor issue, you can imagine the major repercussions of a bad actor altering information in a legal investigation or changing MRI results data that impact life-and-death diagnoses. For this reason, AI should be leveraged to gain scale and accuracy advantages but checked by human expertise to keep an eye on algorithmic approaches that lack intuition and common sense.

When risks such as these are still uncertain and emerging at the same pace as the technologies themselves, it is critical for IT to think proactively and comprehensively.

Apply the Technology to Security Itself
Just like the cloud became a platform in which security could be built, AI can also be leveraged to bolster, not just poke holes in, security postures. By combining AI and machine learning with a team of human threat hunters, all new signals in an organization’s environment are presumed to be potentially malicious. Security teams can use AI at the tactical level to gain a deep contextual understanding of the network and detect anomalies based on known and previously seen modes of behavior between hosts and between users within the network. With AI, security professionals can see what a “normal” network looks like and make sure the network model is constantly updated. When AI is coupled with human intelligence, security teams can make the best decisions to protect their businesses.

Pivot to Proactive Practices
Regardless of the era or technology du jour, two constants remain: Embracing new technology is critical for businesses to remain competitive, but cybersecurity threats often move faster than the technology on which they occur. Whether in the cloud in the early 2000s or via AI and IoT today, traditional managed software service providers (MSSPs) cannot keep up with providing the full protections that modern cybersecurity threats require. Organizations should seek the mature end of the evolutionary path to include proactive threat hunting and predictive technologies like machine learning.

It is more important than ever for enterprises to take a proactive approach to secure their AI and IoT networks, like they did for the cloud. In the Wild West of technology today, this proactive approach allows IT to put protection first, without sacrificing the business benefits.

Mark Sangster
Mark Sangster Vice President and Industry Security Strategist

Mark is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations.