Blog — Jan 17, 2023

The Resolution Every CSO/CISO Should Make This Year


As the lyrics of "Auld Lang Syne" so eloquently say, "Should old acquaintance be forgot and never brought to mind?" As security leaders look forward to what the new year brings, they're taking stock of everything — their teams, their technologies, their budgets — and trying to plan for what looks to be another challenging year.

While I don't have a Magic 8 Ball, 2023 looks like more of the same — the same budget constraints, the same supply chain problems, and the same cybersecurity challenges. There is also a lot of pressure currently on security leaders to do more with less while also facing more scrutiny and more accountability for the effectiveness of their cybersecurity programs. Sophisticated and frequent cyberattacks, shrinking budgets, and a scattered workforce have only exacerbated preexisting security challenges to the point that it's hard to know what to address first. So, if you're a security leader still working on your New Year's resolutions, cyber resilience should be No. 1 on your list.

Shifting Your Mindset

Most security leaders today have adopted an "it's not if, but when" mindset in relation to cybersecurity incidents. Additionally, risk management — constantly identifying risk and implementing the appropriate mitigating controls — continues to be a key component of overall cybersecurity program management. But what if you're unable to implement the necessary controls or if you fail to identify a critical risk? The real question is, what is your plan for readiness when you're faced with a risk that has been realized due to having no mitigating controls, inadequate mitigating controls, or blind spots?

Recently, I met with a potential customer, and security staffers outlined their current cybersecurity challenges, program/technology wants and needs, and talent shortages. As they described their top cybersecurity concerns, I asked if they were thinking about their problems correctly; instead of focusing on problem X, perhaps they should focus on problem Y instead. But then I realized that the security leader at that company sees the same problems day in and day out, and they're specific to the organization. In contrast, however, being in a role similar to that of a security solutions consultant, I see many different types of problems being approached and solved in multiple ways.

I wondered how much this difference in perspective affects our ability as an industry to align on cybersecurity baselines, metrics, prioritization approaches, etc. It's difficult to solve problems within our cybersecurity programs when the problems, the organizations we protect, and our priorities change every day. If we agree that "it's not if, but when," we also agree that we must accept a degree of uncertainty when managing our security. We cannot, however, allow those blind spots to result in business disruption. Instead, there must be a mindset shift in the way cybersecurity programs are managed, from a traditional risk management model to cyber resilience.

Understanding the Security Game

The good news is we're starting to see a shift in organizations prioritizing resilience and not just risk, even though effective risk management is an important component of cyber resilience. According to a recent Forrester report, there has been a significant increase in chief risk officers (CROs) reporting directly to the CEO. This is one example of a much-needed pivot in the enterprise mindset, with security evolving from a compliance checkbox to an investment in a strategy for cyber resilience. For companies with inadequate protections in place, CISOs will need to focus their budgets on having a resourced team, proper tools, and robust training.

Part of this mindset shift is also understanding the security game you need to play and then being able to explain that strategy to your leadership team and board of directors. When all you think about is the risk — we're risky here, so we'll plug this hole with this solution, then we're risky over here, so we'll plug that hole over there with this other solution — it's like playing a game of whack-a-mole. Try taking that approach to your board as a well-defined strategy.

Instead, the message needs to be something along the lines of: According to industry research in our vertical, here are the top threats that attackers can leverage in our type of environment, and here's how we can improve our environment. Our strategy is to be more resilient.

Now you have something measurable and can build a reasonable cybersecurity program road map.

Why Cyber Resilience Should Be No. 1 on Your To-Do List

The CISOs who will be most effective in 2023 will not look to answer the question "Are we safe?" Because the answer is always no — there will always be risk. The right question is "How ready are we?" You want to think about what you learned from that cyber incident — which is more than just reactively identifying the risk, assessing costs, and then implementing controls accordingly. Guess what? Attackers also have those controls. And by the time you go through your procurement process, proof of value, vendor selection, and solution implementation, attackers are several steps ahead of you.

There will always be gaps in what you know about your environment, so focusing on the continuous improvement of your security program through the lens of being ready to anticipate, withstand, recover, and adapt is how you should approach 2023.

Now is the time for security leaders to create a cyber resilience-focused program. Companies can't eliminate all risk, but we will see organizations putting in place full-scale plans and spending where they need to so they are prepared to measure progress and improvement in their cybersecurity program. Those organizations that go with the "good enough" approach will most likely pay the price (and more) later.

Originally posted on darkreading.com

Tia Hopkins, Chief Cyber Resilience Officer & Field CTO

As Chief Cyber Resilience Officer & Field CTO, Tia Hopkins is focused on engaging with the cybersecurity community, providing thought leadership, supporting strategic customer and partner engagements, and working closely with the sales, marketing, product, engineering, and customer success teams to drive security outcome-focused initiatives. She has spent the past 20+ years of her career in various IT and IT Security roles and has over a decade of experience in the managed services space. Outside of her role at eSentire, Tia is also an adjunct professor of Cybersecurity at Yeshiva University and is currently pursuing her PhD in Cybersecurity Technology Innovation Management.