Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Protect assets from ransomware, trojans, rootkits and more.
Intelligence and visibility across AWS, O365, DevOps and more.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Join eSentire as they explore how to build a comprehensive training and…
The Texas Cyber Summit is a multi-track multi-day deeply technical…
Join Dustin Hillard, CTO at eSentire, and Tia Hopkins, VP, Cyber Risk…
In his opening keynote this week, RSA President Amit Yoran emphatically delivered one key message: prevention is no longer good enough and security practitioners, industry and vendors need to embrace a detection and response approach.
This is good news for eSentire clients. Detection and response has been our approach to cybersecurity since day one. It assumes the stance that compromise from unknown threats is inevitable, and to focus efforts on rapid detection and response upon breach, such that damage can be mitigated. This approach has greater integration and dependence on the human analyst to augment behavioral and machine learning technology. We couldn’t be happier that the infosec industry is pushing in this direction. In addition to validating the approach we’ve used for over a decade, the approach comes down to doing whatever best protects people and organizations from our constantly evolving adversaries.
Amit also pointed out that Gartner predicts spend on detection and response to quadruple over the next few years, rising to account for 60% of IT security budgets by 2020. A shift like this does raise some concerns, specifically highlighting the need for more security analysts and Security Operations Centers (SOC). A “hunting” approach is less automated and fundamentally places a greater emphasis on skilled humans as part of the detection and response equation.
Most of us are aware that there is a global cybersecurity talent epidemic. In the United States alone, 200,000 cybersecurity jobs are unfilled today. And by 2019, estimates tell us that there will be 1.5 million unfilled positions. This talent gap will become amplified as industry and vendors make the shift from prevention to detection.
Here are a couple of things that small-to mid-sized organizations looking for cybersecurity services might see in the future:
To summarize, make sure you understand how both technology and human analysts are involved in the detection and response process for any vendor you’re interviewing. What does the Service Level Agreement (SLA) for detection and response look like, or does the vendor even have an SLA at all? What technologies are being used to detect or signal an analyst investigation and response? What actions does the vendor take to “respond” to a breach?
If you’re a small to mid-sized organization looking for a cybersecurity solution, make sure you ask the right questions to avoid headache down the road. If you’re not sure where to start, we can help.
Shabbir Lasani is a savvy product marketing professional who helps bridge market needs with great products.