In the final installment of this three-part series on risk management, let’s look beyond the business crisis scenario of Covid-19. Consider this: are we simply experiencing a seasonal shift that returns to the norms of a pre-quarantine world or is this a climatic shift in the way we do business and view cybersecurity priorities going forward?
eSentire manages over $6 trillion in assets under management, a term we borrow from our hedge fund customers. In 2012, this industry segment was the core of our customer base. Together, we learned from Hurricane Sandy, the deadliest storm of the hurricane season. The storm killed 233 people in eight countries, affected 24 U.S. states, caused major flooding in Manhattan streets and subway tunnels and was responsible for $64 billion in damage.
That storm taught us two lessons. The first was that criminals take advantage of the havoc caused by natural disasters and other crises. Our security operations team studied traffic analytics for a three-month period around Hurricane Sandy. Data showed a 30 to 40 percent drop in network traffic across our client base located in New York City for the two weeks during and after the hurricane. However, the level of threats remained constant throughout. In fact, the week following the hurricane, attacks spiked by 30 percent!
Cybercriminals quickly moved to take advantage of chaos caused by the storm. Employees couldn’t get to work, blocked by flooded subway lines. And massive power outages ensured office buildings in Lower Manhattan were vacant. All that data just sitting there without the usual contingent of IT security supervisors … the world’s bank vault was open and the guards were stuck at home.
The second lesson was that disastrous events often reset the bar by which we define acceptable business operational policies. Disruption caused by Hurricane Sandy instantly became the new standard that business continuity (BCP) and disaster recovery (DR) plans were measured against. As the American Bar Association’s Cybersecurity Handbook puts it: “If a client’s disaster recovery plans cannot pass the ‘Hurricane Sandy test,’ such plans might also fail if cyber incidents caused prolonged disruptions.”
And most plans failed during Sandy. The majority of the client data for major financial institutions resided in data centers located in New Jersey, a quick ferry ride across the Hudson River. Turns out, category 2 hurricanes don’t follow state lines: operations were crippled and data was exposed during the cleanup. In hindsight, it’s an obvious flaw in any BCP/DR plan.
When the waters of Sandy, as well as Katrina, receded, they left stains behind that marked the depth of the flooding. And Covid-19 will not only leave its mark as a worldwide human tragedy, but also will likely drive new models for business risk management. At this time, many of us are still working remotely, so we still don’t know if this is a seasonal migration or a climatic shift. When world economies open for business again, will we have changed the way we do business more permanently?
For instance, are we moving into a world where banks are virtual? What constitutes a bank? Is it the physical structure, its assets or its customers’ data? Similarly, at a conference last year, the head of the Harvard Law School posited that the concept of the court was no longer an imposing building in the town square. Now, it’s the economic and quick disposition of legal decisions. It’s not about a building, it’s about its value to society. Likewise, the office tower may eventually no longer serve as a vanity metric for successful companies.
I’ve often joked that we’ve shifted from the bring your own device (BYOD) model in which we use personal smartphones for business purposes to a broader spectrum of personal property for shared business operations. Now it’s BYOH: bring your office home.
How many firms will embrace the financial benefits of work from home, assuming their business model survives to support remote workers (such as knowledge workers, customer service, call centers, etc.) and adapted easily to the quarantine? How soon will it be before the bean counters question the necessity of brick-and-mortar overhead?
From a risk management perspective, how would this shift affect security programs? For BYOD, mobile device management (MDM) tools were developed to better secure personal phones. You can bet venture capital firms already are looking to fund security startups that can better secure personal routers, provide the home office equivalent of easy-to-use commercial firewalls, etc. Endpoint suppliers also will ride this wave with brands such as CrowdStrike and VMware Carbon Black in the catbird’s seat.
If this shift is climatic, then the pandemic will have truly served as a forcing factor. Cybersecurity is no longer about perimeters. The analogy of a bank building with guards and a vault doesn’t work when the employees are not resident in the building and the money (data) has migrated to the cloud. It means cybersecurity professionals must shift their focus and thinking.
Embracing cybersecurity as a factor in corporate risk management means firms can adapt quickly. Risk management isn’t wedded to specific security paradigms or technologies; it is a fabric that expands to cover the full spectrum of a business. Companies that view security through the risk management lens can expand the aperture to focus on a wider field of view. Companies that view security through a static paradigm of rigid perimeters or physical structures will fail to adapt. And there are plenty of predators and criminals ready to pounce on those that fall behind the pack.
For more “how tos” on risk management and successful incident response planning, use this Pragmatic Security Event Management Playbook to identify possible gaps and ensure crucial steps are followed to contain and control damage and quickly return to normal operating conditions.
eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit: www.esentire.com and follow @eSentire.