Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
In the summer of 2018, eSentire was engaged by a financial services firm to conduct third-party risk assessments because the firm had experienced a failed audit due to the discovery of a fraudulent transaction from a compromised third party. Being in the heavily regulated financial services industry, the client had a dedicated internal compliance team and a depth understanding of the various risks associated with information security. In an attempt to mature and formalize its security program, a full-time CISO and dedicated security personnel were recruited but program formalization was ultimately unsuccessful due to the scarcity of qualified and available candidates. As a result, responsibility for information security policies and implementation of controls fell back on the cross-functional teamwork of the firm’s internal compliance and IT teams.
32% of organizations reported lack of internal time/resources to evaluate or monitor third-party risk1
Industry
Finance
Trigger Event:
Fraudulent transaction by third-party
Client Challenges:
Collaboration between the cross-functional teams resulted in an improved security posture, but limitations remained in their ability to measure and mitigate third-party risk. Inventory measurement concluded that over 50 vendors and third parties had network and data access to some degree resulting in potential risk to overall business operations. Unfortunately for the client, risk became consequence during a routine audit, when a transaction with a trusted third party was discovered to be fraudulent, facilitated by a compromised user within their third party network. Investigation revealed the user was compromised from a spear-phishing campaign culminating in substantial financial losses and lengthy time and resource consuming claims processes with their cybersecurity insurance provider.
The eSentire Security Strategist immediately went to work helping the client update their third-party risk policies, formalizing mandatory annual and bi-annual risk assessments of critical vendors based on type and risk profile. eSentire then executed tailored risk assessments on 10 clients that were both critical to continued business operations as well as high-risk profiles. The data from the assessments was compared against eSentire’s Security Framework based on NIST foundations, financial industry standards, and specific risk indicators.
The Security Strategist discussed the findings with the client’s cross-functional and Executive team and began to develop a pragmatic plan to systematically reduce risk among the 10 vendors that were subject to the assessment. Satisfied with the progression of the firm’s security posture under their Virtual CISO, recruiting efforts were ceased. With the tedious work of creating and conducting the 10 assessments handled by eSentire, IT and compliance teams were able to focus on other projects. Both of these benefits from eSentire’s Vendor Risk Assessments resulted in operational cost savings for their business.
Connect with an eSentire Security Specialist to learn how we can help you build a more resilient security operation and prevent disruption.