Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Visibility and response across your entire Microsoft security ecosystem.
XDR with Machine Learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert threat hunting, original research, and proactive threat intelligence.
TRU is foundational to our MDR service. No add-ons or additional costs required.
Flexible MDR packages that enhance your cyber resilience and security operations.
Stop ransomware attacks before they disrupt your business.
Detect and respond to zero-day exploits.
Protect against third-party and supply chain risk.
Adopt a risk-based approach to cybersecurity.
Protect your most sensitive data.
Meet cybersecurity regulatory compliance mandates.
Eliminate misconfigurations and policy violations.
Prevent business disruption by outsourcing MDR.
Meet insurability requirements with MDR.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and mediating threats to prevent lateral spread.
Enhance investigation and threat detection across multi-cloud or hybrid environments.
Remediate critical misconfigurations, security vulnerabilities and policy violations across cloud and containerized environments.
Detect malicious insider and identity-based behavior leveraging machine learning models.
THE THREAT eSentire is aware of widespread exploitation attempts targeting the recently disclosed ownCloud vulnerability CVE-2023-49103. CVE-2023-49103 (CVSS: 10) is tracked as a disclosure of… READ NOW
Our Threat Response Unit (TRU) publishes security advisories, blogs, reports, industry publications and webinars based on its original research and the insights driven through proactive threat hunts.
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company's mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Waterloo, ON and GITEX GLOBAL 2023, Dubai, UAE – October 18, 2023 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), today announced that Inspira Enterprise Inc, (Inspira), a… READ NOW
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
We believe a multi-signal approach is paramount to protecting your complete attack surface. See why eSentire MDR means multi-signal telemetry and complete response.
See how our 24/7 SOC Cyber Analysts and Elite Threat Hunters stop even the most advanced cyberattacks before they disrupt your business.
Choose the right mix of Managed Detection and Response, Exposure Management, and Incident Response services to strengthen your cyber resilience.
Try our interactive tools including the MITRE ATT&CK Tool, the SOC Pricing Calculator, the Cybersecurity Maturity Assessment, and our MDR ROI Calculator.
Read the latest security advisories, blogs, reports, industry publications and webinars published by eSentire's Threat Response Unit (TRU).
See why 2000+ organizations count on eSentire to build resilience and prevent business disruption.
Cybersecurity is not an IT problem to solve—it's a business risk to manage. In the Managing Cyber Risk podcast series, Mark Sangster, Vice President and Industry Security Strategist with eSentire, and Cybercrime Magazine’s Hillarie McClure lead conversations with cybersecurity experts, using the dollars-and-cents language of the C-suite to expose the issues, challenges and pitfalls which are often obscured by ones and zeroes.
Want to listen to the full episode instead? Click here.
The cyber insurance market is booming, with written premiums expected to reach $20 billion USD by 2025, globally, up from under $5 billion USD in 2016.
A significant driver of this growth is the well-documented success of ransomware attacks, which have evolved from opportunistic and transactional attacks to the threat landscape we see today.
With every new headline, businesses are continuously reminded that cyber insurance has a role to play in managing risk by potentially offsetting the rising costs of ransom and extortion payments, system recovery, investigation, customer notifications and credit protection, public communications services, and other legal expenses.
However, the cyber insurance market is still relatively new, so many providers have limited understanding of how much risk exposure organizations have to cyberattacks. Lacking well understood actuarial data and resulting risk quotients for cyber risks and the ever-changing costs resulting from cyberattacks, underwriters struggle to understand the financial risk associated with a specific policy, and policy fees, coverage and requirements vary greatly.
At the same time, ransomware gangs continue to refine their operations. While the headlines are dominated by attacks against large enterprises and critical infrastructure, there are worrying signs that threat actors are expanding their reach.
In the latest episode of our Managing Cyber Risk podcast series, Mark Sangster and Hillarie McClure spoke to Catherine Lyle, Head of Claims at Coalition Inc. Insurance, about the latest trends in cyber insurance claims and coverage, why your cyber insurer’s value goes well beyond providing coverage, and practical advice on when and how organizations should engage an insurer in the event of a breach.
According to Mark, one of the most concerning trends is that ransomware gangs are using supply chain attacks to gain access to thousands of small and medium businesses (SMBs). Citing recent examples including Solar Winds and Kaseya—essential tools for many organizations—Mark points out that businesses “can’t eliminate this risk through non-participation”.
Similarly, threat actors may target Managed Service Providers (MSPs) that provide the IT skills and tooling that tens of thousands of SMBs rely on.
Catherine Lyle agreed, “Ransomware is the immediate monetization of a crime.”
After all, it allows criminals to immediately profit and drive those proceeds right back into finding and attacking more victims.
In addition to ransomware, Catherine noted that another trend she sees as significant right now is “funds transfer fraud”. Her company works one-on-one with insurers that have experienced a security event.
Through that work, her investigators have noticed that cyberattackers are often spending much more time within the victim’s environment—allowing them to better understand communication patterns and power structures, both of which are leveraged to make social engineering effective.
From Catherine’s perspective, senior leaders within small and medium businesses are beginning to recognize that they need to seriously consider the risk (and the associated costs) of a potentially devastating cyber attack.
These same leaders are also recognizing that their cyber insurance provider can provide valuable, proactive assistance and expertise to help prevent attacks, limit their scope and accelerate recovery—in addition to covering damages.
By working with an insurance provider, SMBs can ensure they have a “happy path” to follow in the event of an incident.
Additionally, it’s imperative that organizations think about the ripple effects of a cyber attack before it occurs. It’s often not so much about making the right or wrong decisions, but rather about being prepared, understanding and managing the unavoidable tradeoffs that come with Incident Response (IR).
Mark and Catherine both stress the importance not only of preparing, but of thinking beyond the ones and zeroes—beyond the technology. As Catherine pointed out, if an adversary is successful in deploying a ransomware attack against your company, do you know how your business would react?
Although technology is an important element, you must have a plan set in place to address how to work with law enforcement, handle public relations, notify clients, comply with regulations, decide whether or not to pursue a prosecution, and so on.
Every business can benefit from relying on cyber incident experts, but very few businesses have this expertise in-house. That’s where trusted partners come in: to explain very clearly what to expect, the timelines that exist, etc. on what might well be the worst day of work you’ve ever had.
Our recent report, The Current State of Incident Response Services in 2021, hinted at the influence cyber insurers have in risk management. For example:
Cyber insurance providers were tied with executives/boards as having the most influence over IR purchase decisions
Cyber insurance provider requirements were the second-most cited driving factor in changing IR retainer providers
Of those organizations represented in our survey, half with insurance are subject to provisions that require them to choose from a selected list of IR providers—with MDR/MSS providers being the preferred category
As the industry matures, cyber insurance policies are continuing to change: cyber insurers have not only begun to offer more restrictive policy terms and coverage limits, but also increased premiums for midsize and large companies by upwards of 20%.
Our survey revealed a wide range in coverage:
Roughly 60% of respondents with cyber insurance indicated that their insurer covers costs of lost business; likewise, a similar number reported that they are covered for detection and escalation costs
Fewer than half (45.7%) are covered for notification costs and only 29.3% are covered for ex-post response costs
Perhaps crucially, only 14.1% of those with insurance are covered for regulatory fines, penalties and class-action lawsuits—which are all realistic consequences of data breaches and are made more likely by the rise in double-extortion ransomware tactics
Unfortunately, all signs point to an increasing number of cyber attacks against businesses of all sizes. And as cybercriminals find new and more efficient ways to reach the long tail of small and medium businesses—most of which lack in-house expertise—having strong partners in place for MDR, IR, and insurance will become essential.
After all, cybersecurity is not an IT problem to solve—it's a business risk to manage.
To learn more about cyber insurance, listen to the fifth episode of the Managing Cyber Risk podcast series, Insurance and Claims, below.
eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit: www.esentire.com and follow @eSentire.