What We Do
How we do it
Resources
SECURITY ADVISORIES
Nov 22, 2021
Microsoft Exchange Vulnerability - CVE-2021-42321
THE THREAT eSentire has identified publicly available Proof-of-Concept (PoC) exploit code, for the critical Microsoft Exchange vulnerability CVE-2021-42321. CVE-2021-42321 was announced as part of Microsoft’s November Patch Tuesday release. Exploitation would allow a remote threat actor, with previous authentication, to execute code on vulnerable servers. Prior to the patch release, Microsoft…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Oct 28, 2021
Telarus and eSentire Expand Partnership to Safeguard Enterprises Globally Against Business Disrupting Ransomware and Zero-Day Attacks
London, UK and Sydney, Australia– Oct. 28, 2021 - eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announces the expansion of its partnership with Telarus, the largest privately-held distributor of business cloud infrastructure and contact centre services. Building on their mutual success across North America, Telarus will bring eSentire’s Managed…
Read More
Partners
PARTNER PROGRAM
Partners
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
PARTNER RESOURCES
Apply today to partner with the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — May 12, 2020

Think About Cybersecurity the Way Executives Think About Business:
Looking Beyond Covid-19

Speak With A Security Expert Now

Part 3 of 3 in a series on Risk Management. Click here to read Part 1 and here to read Part 2.

In the final installment of this three-part series on risk management, let’s look beyond the business crisis scenario of Covid-19. Consider this: are we simply experiencing a seasonal shift that returns to the norms of a pre-quarantine world or is this a climatic shift in the way we do business and view cybersecurity priorities going forward?

eSentire manages over $6 trillion in assets under management, a term we borrow from our hedge fund customers. In 2012, this industry segment was the core of our customer base. Together, we learned from Hurricane Sandy, the deadliest storm of the hurricane season. The storm killed 233 people in eight countries, affected 24 U.S. states, caused major flooding in Manhattan streets and subway tunnels and was responsible for $64 billion in damage.

That storm taught us two lessons. The first was that criminals take advantage of the havoc caused by natural disasters and other crises. Our security operations team studied traffic analytics for a three-month period around Hurricane Sandy. Data showed a 30 to 40 percent drop in network traffic across our client base located in New York City for the two weeks during and after the hurricane. However, the level of threats remained constant throughout. In fact, the week following the hurricane, attacks spiked by 30 percent!

Cybercriminals quickly moved to take advantage of chaos caused by the storm. Employees couldn’t get to work, blocked by flooded subway lines. And massive power outages ensured office buildings in Lower Manhattan were vacant. All that data just sitting there without the usual contingent of IT security supervisors … the world’s bank vault was open and the guards were stuck at home.

The second lesson was that disastrous events often reset the bar by which we define acceptable business operational policies. Disruption caused by Hurricane Sandy instantly became the new standard that business continuity (BCP) and disaster recovery (DR) plans were measured against. As the American Bar Association’s Cybersecurity Handbook puts it: “If a client’s disaster recovery plans cannot pass the ‘Hurricane Sandy test,’ such plans might also fail if cyber incidents caused prolonged disruptions.”

And most plans failed during Sandy. The majority of the client data for major financial institutions resided in data centers located in New Jersey, a quick ferry ride across the Hudson River. Turns out, category 2 hurricanes don’t follow state lines, operations were crippled and data was exposed during the cleanup. In hindsight, it’s an obvious flaw in any BCP/DR plan.

When the waters of Sandy, as well as Katrina receded, they left stains behind that marked the depth of the flooding. And Covid-19 will not only leave its mark as a worldwide human tragedy, but also will likely drive new models for business risk management. At this time, many of use are still working remotely, so we still don’t know if this is a seasonal migration or a climatic shift. When world economies open for business again, have we changed the way we do business more permanently?

For instance, are we moving into a world where banks are virtual? What constitutes a bank? Is it the physical structure, its assets or its customers’ data? Similarly, at a conference last year, the head of the Harvard Law School posited that the concept of the court was no longer an imposing building in the town square. Now, it’s the economic and quick disposition of legal decisions. It’s not about a building, it’s about its value to society. Likewise, the office tower may no eventually no longer serve as a vanity metric for successful companies.

I’ve often joked that we’ve shifted from the bring your own device (BYOD) model in which we use personal smartphones for business purposes to a broader spectrum of personal property for shared business operations. Now it’s BYOH: bring your office home.

How many firms will embrace the financial benefits of work from home? Assuming their business model survives to support remote workers (such as knowledge workers, customer service, call centers, etc.) and easily adapted to the quarantine. How soon will it be before the bean counters question the necessity of brick-and-mortar overhead?

From a risk management perspective, how would this shift affect security programs? For BYOD, mobile device management (MDM) tools were developed to better secure personal phones. You can bet venture capital firms already are looking to fund security startups that can better secure personal routers, provide the home office equivalent of easy-to-use commercial firewalls, etc. Endpoint suppliers also will ride this wave with brands such as CrowdStrike and VMware Carbon Black in the catbird’s seat.

If this shift is climatic, then the pandemic will have truly served as a forcing factor. Cybersecurity is no longer about perimeters. The analogy of a bank building with guards and a vault doesn’t work when the employees are not resident in the building, nor is the money (data) that has migrated to the cloud. It means cybersecurity professionals must shift their focus and thinking.

Embracing cybersecurity as a factor in corporate risk management means firms can adapt quickly. Risk management isn’t wedded to specific security paradigms or technologies; it is a fabric that expands to cover the full spectrum of a business. Companies that view security through the risk management lens can expand the aperture to focus on a wider field of view. Companies that view security through a static paradigm of rigid perimeters or physical structures will fail to adapt. And there are plenty of predators and criminals ready to pounce on those that fall behind the pack.

For more “how tos” on risk management and successful incident response planning, use this Pragmatic Security Event Management Playbook to identify possible gaps and ensure crucial steps are followed to contain and control damage and quickly return to normal operating conditions.

View Most Recent Blogs
Mark Sangster
Mark Sangster Vice President and Industry Security Strategist

Mark is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations.