What We Do
How We Do
Get Started
Case study


Kids Ability video thumbnail V2

A tech refresh offered this non-profit the opportunity to modernize with cost-effective endpoint protection, 24/7 hands-on SOC support, and seamlessly integrate into their existing technology stack.

The Business

Kids Ability Logo

KidsAbility is a non-profit organization based in the Kitchener-Waterloo region of Ontario, Canada. With five locations across Ontario, KidsAbility provides 10,000+ special needs children and youth with access to specialized therapy for speech, mobility, and autism.

Kids Ability Logo
  • Small team with 4 in-house IT staff and limited budget
  • 350+ therapists serving 10,000+ clients across five regional sites
  • Needed a strategic partner who could provide expert-level 24/7 threat detection and response at an affordable price so their team can focus on what really matters and do more with less

Solution and Results

eSentire MDR provides 24/7 security event monitoring as well as threat detection, investigation, and response, enabling KidsAbility to:

  • Adhere to PHIPA compliance requirements and ensure their clients’ protected health information (PHI/ePHI) remains secure.
  • Get seamless integration with existing technology stack and easily deploy eSentire MDR for Endpoint solution across 400+ endpoints without service disruption.
  • Shift from a reactive to a proactive cybersecurity approach and stay ahead of the evolving threat landscape.
  • Implement enterprise-level cybersecurity protection to prevent ransomware attacks and reduce cyber risks at a fraction of the cost.

Business and Security Outcomes

  • 24/7 threat detection, investigation, and response capabilities by a team of SOC Cyber Analysts and Elite Threat Hunters
  • Achieve compliance with healthcare data regulations
  • Trusted expert-level guidance to analyze their security measures and rapidly deploy eSentire MDR services
  • Reduce cyber risk by ensuring complete visibility and a consistent security posture across environment

The Challenge

Given that patients’ medical records can elicit 50x more revenue compared to financial records on the Dark Web, it’s no surprise that healthcare delivery organizations (HDOs) have proven to be highly attractive targets for cybercriminals.

For a non-profit organization like KidsAbility, whose staff store, maintain, and transmit personally identifiable information (PII) and protected health information (PHI/ ePHI) of their clients, it’s of utmost importance that they be able to protect their sensitive data from threat actors.

KidsAbility’s primary challenge was to ensure that the PII and PHI/ePHI stored and transmitted through their environment remains secure and that the non-profit adhere with the PHIPA compliance regulations, as mandated by the Ontario government. However, PHIPA compliance was not their only concern.

With only four in-house IT staff, the KidsAbility team was stretched incredibly thin despite having engaged a Managed Security Provider (MSP) that only monitored their environment without offering real response capabilities.

Moreover, the MSP provided monthly reports that flagged critical alerts of suspicious activity related to admin and user behavior or password usage concerns, leaving the KidsAbility team to handle threat investigations and response on their own. Unfortunately, a 30-day delay in receiving these alerts also meant that KidsAbility was forced to take a reactive approach to their cybersecurity, making them a vulnerable target for cyberattacks.

Lastly, since KidsAbility is a non-profit organization with limited budget, they didn’t have the resources needed to hire and train a cybersecurity specialist in-house. Plus, having experienced a ransomware incident first-hand, Tom Szozda, Manager of Information Services at KidsAbility, wanted to engage a leading cybersecurity firm that could provide his team with peace of mind knowing they were protected from day one.

Given their lack of in-house security expertise, limited access to best-in-class security tools, and healthcare data compliance requirements, they were looking to outsource threat detection and response capabilities to an MDR provider that could offer an all-in-one service that was cost-effective and offered 24/7 SOC-as-a-Service.

Why KidsAbility Chose eSentire As Their Proven MDR Partner

After partnering with a new MSP, FoxNet Inc. in 2023, KidsAbility began their search for a trusted MDR partner who could offer the security expertise his team needed to reduce their cyber risks, achieve PHIPA compliance, and build a robust cyber strategy.

Moreover, being a non-profit meant that it was integral for KidsAbility to choose a security firm who could collaborate with FoxNet to deliver an all-encompassing, bundled cybersecurity package. Luckily, eSentire was able to do just that: “Being a non-profit center, cost is huge for us. We have limited funds, and we have to spend it very wisely,” Tom says. “When we heard from FoxNet that eSentire was one of their partners, I was excited. I knew of eSentire [from my previous role] and knew that they’re a world-renowned organization.”

As part of the selection process, KidsAbility also attended a Security Operations Center (SOC) Tour, during which they were impressed by the number of SOC Cyber Analysts present in one shift and the level of 24/7 support our SOC offers.

To help KidsAbility reduce their cyber risks and achieve PHIPA compliance, we delivered:

  • eSentire MDR for Endpoint provided KidsAbility with 24/7 threat detection, investigation, and response capabilities to safeguard against cyberattacks, best-of-breed CrowdStrike endpoint technology, and access to world-renowned threat intelligence expertise.

Throughout the partnership, eSentire has played an integral role in how we protect KidsAbility from security incidents, providing real-time alerts of suspicious behaviour and containing the incident before notifying the KidsAbility team.

“With the team that we have, we wear a lot of hats, but we don’t have expertise in cybersecurity,” Tom states. “With eSentire, we have an active agent on our infrastructure that’s being monitored 24/7 and if any incident occurs, we are notified immediately. We don’t have to be sitting there trying to figure out what we’re supposed to do.”

This has allowed their team to feel peace of mind knowing that they’re protected no matter what: “My team has their hands full – they don’t need to be looking through event logs, emails, or find out if we’ve been compromised. We’re counting on eSentire MDR for Endpoint with 24/7 monitoring to have our backs.”

Another significant concern for Tom was the ease of deployment and implementation of the eSentire MDR for Endpoint solution across 350+ endpoints without their therapists experiencing any service disruption.

“A big concern I had was how easy the implementation would be. It was key for us to deploy efficiently for our therapists since they’re not always on-site,” Tom says. “My team worked very well with eSentire’s SOC and the deployment through our 350+ staff was fairly easy. Within a month or two, everything was protected.”

Complicating matters further, KidsAbility had signed a three-year contract with another security firm for antivirus (AV) protection, security awareness training, and mobile device management. However, eSentire was able to seamlessly integrate with their existing technology stack to provide robust coverage across their entire environment.

Quote Icon

We’ve been notified by eSentire sometimes weeks before we get the Cyber Security Ontario notifications of what’s happening [in the threat landscape]. So, they’re ahead of the game and knowing that gives us more peace of mind that we’re working with the right organization.

Tom Szozda

Manager of Information Services, KidsAbility


It should be of no surprise that healthcare organizations have proven to be high-value targets for cybercriminals and the financial cost associated with data breaches or ransomware attacks is astronomical. In fact, healthcare data breach costs have increased 53.3% since 2020 to an average of $10.93 million USD.

By outsourcing their security monitoring and threat detection, investigation, and response to our 24/7 SOC Cyber Analysts and Elite Threat Hunters, KidsAbility’s small but mighty in-house team can focus on their actual day-to-day role without being inundated with delayed alerts. Instead, they can trust that eSentire will act on their behalf to contain and remediate the threat before notifying them of the activity and work with them to determine if any other steps need to be taken.

As a result of switching to eSentire MDR, KidsAbility has benefitted from receiving enterprise-level cybersecurity protection with a cost-effective approach.

“Even our board was very pleased with the outcomes we’ve achieved, as were the senior leadership team,” Tom states. “They trust us to deliver the solution we need to protect our organization.”

Ready to Get Started?

We’re here to help! Submit your information and an eSentire representative will be in touch to help you build a more resilient security operation today.