In the final installment of this three-part series on risk management, let’s look beyond the business crisis scenario of Covid-19. Consider this: are we simply experiencing a seasonal shift that returns to the norms of a pre-quarantine world or is this a climatic shift in the way we do business and view cybersecurity priorities going forward?
eSentire protects over $6 trillion in assets under management, a term we borrow from our hedge fund customers. In 2012, this industry segment was the core of our customer base. Together, we learned from Hurricane Sandy, the deadliest storm of that hurricane season. The storm killed 233 people in eight countries, affected 24 U.S. states, caused major flooding in Manhattan streets and subway tunnels and was responsible for $64 billion in damage.
That storm taught us two lessons. The first was that criminals take advantage of the havoc caused by natural disasters and other crises. Our security operations team studied traffic analytics for a three-month period around Hurricane Sandy. Data showed a 30 to 40 percent drop in network traffic across our client base located in New York City for the two weeks during and after the hurricane. However, the level of threats remained constant throughout. In fact, the week following the hurricane, attacks spiked by 30 percent!
Cybercriminals quickly moved to take advantage of chaos caused by the storm. Employees couldn’t get to work, blocked by flooded subway lines. And massive power outages ensured office buildings in Lower Manhattan were vacant. All that data just sitting there without the usual contingent of IT security supervisors … the world’s bank vault was open and the guards were stuck at home.
The second lesson was that disastrous events often reset the bar by which we define acceptable business operational policies. Disruption caused by Hurricane Sandy instantly became the new standard that business continuity (BCP) and disaster recovery (DR) plans were measured against. As the American Bar Association’s Cybersecurity Handbook puts it: “If a client’s disaster recovery plans cannot pass the ‘Hurricane Sandy test,’ such plans might also fail if cyber incidents caused prolonged disruptions.”
And most plans failed during Sandy. The majority of the client data for major financial institutions resided in data centers located in New Jersey, a quick ferry ride across the Hudson River. It turns out that category 2 hurricanes don’t follow state lines: operations were crippled and data was exposed during the cleanup. In hindsight, it’s an obvious flaw in any BCP/DR plan.
When the waters of Sandy, as well as Katrina, receded, they left stains behind that marked the depth of the flooding. Covid-19 will not only leave its mark as a worldwide human tragedy, but will also likely drive new models for business risk management. At this time, many of us are still working remotely, so we still don’t know if this is a seasonal migration or a climatic shift. When world economies open for business again, will we have changed the way we do business more permanently?
For instance, are we moving into a world where banks are virtual? What constitutes a bank? Is it the physical structure, its assets or its customers’ data? Similarly, at a conference last year, the head of the Harvard Law School posited that the concept of the court was no longer an imposing building in the town square. Now, it’s the economical and quick disposition of legal decisions. It’s not about a building, it’s about its value to society. Likewise, the office tower may eventually no longer serve as a vanity metric for successful companies.
I’ve often joked that we’ve shifted from the bring your own device (BYOD) model in which we use personal smartphones for business purposes to a broader spectrum of personal property for shared business operations. Now it’s BYOH: bring your office home.
How many firms will embrace the financial benefits of work from home, assuming their business model supports remote workers (such as knowledge workers, customer service, call centers, etc.) and adapted easily to the quarantine? How soon will it be before the bean counters question the necessity of brick-and-mortar overhead?
From a risk management perspective, how would this shift affect security programs? For BYOD, mobile device management (MDM) tools were developed to better secure personal phones. You can bet venture capital firms already are looking to fund security startups that can better secure personal routers, provide the home office equivalent of easy-to-use commercial firewalls, etc. Endpoint suppliers also will ride this wave with brands such as CrowdStrike and VMware Carbon Black in the catbird’s seat.
If this shift is climatic, then the pandemic will have truly served as a forcing factor. Cybersecurity is no longer about perimeters. The analogy of a bank building with guards and a vault doesn’t work when the employees are not resident in the building, nor is the money (data) that has migrated to the cloud. It means cybersecurity professionals must shift their focus and thinking.
Embracing cybersecurity as a factor in corporate risk management means firms can adapt quickly. Risk management isn’t wedded to specific security paradigms or technologies; it is a fabric that expands to cover the full spectrum of a business. Companies that view security through the risk management lens can expand the aperture to focus on a wider field of view. Companies that view security through a static paradigm of rigid perimeters or physical structures will fail to adapt. And there are plenty of predators and criminals ready to pounce on those that fall behind the pack.
For more “how tos” on risk management and successful incident response planning, use this Pragmatic Security Event Management Playbook to identify possible gaps and ensure crucial steps are followed to contain and control damage and quickly return to normal operating conditions.
eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.