Podcasts about esentire

  • 62 podcasts
  • 169 episodes
  • 29m average duration
  • 1 episode every other week
  • Latest: Apr 14, 2025

Latest podcast episodes about esentire

Cyber Talks
In Conversation With Alexander Feick, VP of eSentire Labs

Apr 14, 2025 · 79:34


In today's episode of the Cyber Culture Café series, Andy and John speak to Alexander Feick, VP of our eSentire Labs team. As the VP of Labs, Alex Feick leads a team responsible for fostering innovations from security professionals on our platform and integrating new technologies into the company's services. Over the past year, his efforts have centered on Generative AI security and enabling the company to leverage the technology more effectively internally.

Cybersecurity isn't just about platforms and processes—it's about people. If relationships matter in cybersecurity, this is where they begin. So, we're introducing a new, breakout series from the eSentire Cyber Talks Podcast – the Cyber Culture Café series! In this series, John Moretti and Andy Lalaguna will sit down for a candid conversation with one of the key players behind the eSentire customer experience. This series is all about pulling back the curtain and putting the spotlight on the people who power eSentire's world-class cybersecurity services.

Join us for a relaxed and revealing discussion covering day-to-day challenges, personal motivation, industry observations, and the unique value each guest brings to the eSentire mission. Get to know the voices behind the protection—and why our people are at the core of everything we do.

Have a question for us? Reach out: hello@esentire.com

About Cyber Talks
From ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.

About eSentire
eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit www.esentire.com and follow @eSentire.

Cybercrime Magazine Podcast
Next Level CISO. Leadership In Security. Greg Crowley, eSentire & Craig Peppard, Ivari Canada.

Apr 10, 2025 · 20:51


Craig Peppard is the Vice President & Chief Information Security Officer at Ivari Canada. In this episode, he joins host Heather Engel and Greg Crowley, CISO at eSentire, to share insights on leadership in security, including the issue of gatekeeping in the industry, why practitioners need a diverse skill set beyond technical talent, and more. Next Level CISO is a Cybercrime Magazine podcast brought to you by eSentire, the Authority in Managed Detection and Response. eSentire's mission is to hunt, investigate and stop cyber threats before they become business disrupting events. To learn more about our sponsor, visit https://esentire.com

Cyber Talks
Introducing the Cyber Culture Cafe Series with Andy Lalaguna and John Moretti

Apr 4, 2025 · 33:24


Cybersecurity isn't just about platforms and processes—it's about people. If relationships matter in cybersecurity, this is where they begin. So, we're introducing a new, breakout series from the eSentire Cyber Talks Podcast – the Cyber Culture Café series! In this series, John Moretti and Andy Lalaguna will sit down for a candid conversation with one of the key players behind the eSentire customer experience. This series is all about pulling back the curtain and putting the spotlight on the people who power eSentire's world-class cybersecurity services.

Join us for a relaxed and revealing discussion covering day-to-day challenges, personal motivation, industry observations, and the unique value each guest brings to the eSentire mission. Get to know the voices behind the protection—and why our people are at the core of everything we do.

Cybercrime Magazine Podcast
Next Level CISO. M&A Integration. Greg Crowley, eSentire & Dwayne Smith, Vensure Employer Solutions.

Mar 10, 2025 · 12:29


Greg Crowley is the CISO at eSentire. In this episode, he joins host Heather Engel and Dwayne Smith, Sr. VP Information Security and Global CISO at Vensure Employer Solutions, to discuss M&A integration, including how CISOs can ensure a secure process, tackling inherited vulnerabilities, and more.

Irish Tech News Audio Articles
Securing Ireland's Talent Pipeline in Cybersecurity

Feb 28, 2025 · 5:19


eSentire, a leading global Managed Detection and Response (MDR) cybersecurity services provider, has announced that it has awarded the annual "Sean Hennessy Bursary" to Munster Technological University (MTU) computer science student, James Spillane. This year, eSentire is also celebrating the 10-year anniversary of the opening of its international headquarters and Security Operations Centre (SOC) in Cork, Ireland. eSentire established the Sean Hennessy Bursary award in 2021, in collaboration with the Department of Computer Science at MTU, in response to Ireland's growing cybersecurity skills shortage. According to Cyber Ireland's 2024 Security Snapshot Report, the cybersecurity industry employs approximately 8,000 professionals in Ireland, an increase of 8% since 2022. The Sean Hennessy Bursary provides college financial aid, as well as the opportunity to participate in a nine-month internship with eSentire. The scholarship is named in honour of the late Sean Hennessy, a former eSentire team member who was instrumental in establishing and managing eSentire's Global SOC in Cork in 2015. Sean Hennessy passed away in 2016. This is the fourth year that the Sean Hennessy Bursary has been awarded to an MTU student. Impressively, the three previous recipients of the award are all currently employed with eSentire's Global SOC in Cork, Ireland. Each of them has reached various stages of eSentire's Career Development Program, which fosters and supports security analysts' growth through attainment of internal and external certifications, mentoring and progression. "I am delighted and honoured to have been selected as this year's recipient of the Sean Hennessy Bursary," said James Spillane, 2025 eSentire Sean Hennessy Bursary winner. "I would like to sincerely thank everyone at eSentire for this incredible opportunity to further explore the fascinating world of cybersecurity, which is a passion and interest of mine.
I am also grateful to MTU for their support and guidance through my studies. Receiving this award is an honour and a fulfilling achievement, I want to thank everyone involved for this prestigious opportunity." eSentire has been protecting organisations from known and unknown cyber threats for 20+ years, providing complete attack surface coverage on premises and in the cloud. With 2000+ customers in 80+ countries, eSentire provides Exposure Management, Managed Detection and Response, and Digital Forensics and Incident Response services designed to build an organisation's cyber resilience and prevent business disruption. eSentire protects the world's most targeted organisations, with 65% of its global base recognised as critical infrastructure, vital to economic health and stability. eSentire operates the largest SOC in the Southwest region of Ireland, and as a global leader in providing award-winning cybersecurity solutions, eSentire has contributed to the broader development of the Cork region and its security analysts are highly trained experts on the frontlines of cybercrime. "The 10-year anniversary of the opening of our Global SOC and headquarters in Cork is an important milestone for us," said Ciaran Luttrell, Vice President of eSentire's Global Security Operations. "We have grown our operations and currently employ over 50 staff members, we have completed over 25 SOC analyst internships, and this is the fourth year of our special bursary program honouring the memory of Sean Hennessy." "Reflecting on our ten years in Cork, we are especially proud to have led the way in contributing to the growth of the cybersecurity community," continued Luttrell. "It is through programs such as the annual bursary, our work as Chapter Leads with Cyber Ireland, the sponsorship of CorkSec, a Cork-based Def Con meetup group; and most recently, our partnership with Cyber Innovate, an incubator program supporting cybersecurity start-up companies, which launched in 2024. 
We could not have accomplished all these achievements without our strong ...

Cyber Talks
From Critical Alerts to Business Context: Why CTEM is the Future of Cybersecurity

Jan 21, 2025 · 41:00


In this episode of Cyber Talks, Tia Hopkins, Chief Cyber Resilience Officer & Field CTO at eSentire, and Roselle Safran, Founder & CEO at KeyCaliber, discuss the evolution of Continuous Threat Exposure Management (CTEM) and its role in modern cybersecurity. They explore the practical application of CTEM, its benefits for business context in security, and how it integrates with Managed Detection and Response (MDR) to enhance resilience.

Key takeaways include:

  • The difference between CTEM as a platform, tool, and technology and the 5 key stages of CTEM (per Gartner)
  • Current challenges and limitations of CTEM adoption, such as gaining full visibility, prioritizing vulnerabilities, and cross-team alignment
  • How MDR integrates with CTEM to provide real-time threat detection and response with the ultimate goal of building cyber resilience
  • Emerging trends and technologies to look out for within CTEM

Too Opinionated
Too Opinionated Interview: Eldon Sprickerhoff

Nov 22, 2024 · 46:46


Eldon Sprickerhoff, widely known and respected for his innovative achievements in cybersecurity, is the Co-Founder of eSentire, a leading global cybersecurity Managed Detection and Response company. Sprickerhoff has a Bachelor of Mathematics (Major: Computer Science, Minor: Economics) from the University of Waterloo, and was awarded the J.W. Graham Medal in Computing and Innovation. He was inducted into the Waterloo Region Entrepreneur Hall of Fame this year and currently works as a Strategic Advisor at Caledon Ventures. Sprickerhoff knows great tech isn't enough. “Committed” offers Entrepreneurs “survival strategies” that encourage technical founders to embrace their new title, the one that matters most: Chief Survival Officer.

“Eldon Sprickerhoff is a legend in the Canadian tech sector — for his pioneering success in founding eSentire, and also for being one of the best mentors around. Anyone who has ever wanted to start a business will benefit from Eldon's hard-won wisdom, delivered with his usual candor, wit and humility. This is a terrific guide to building great businesses, but also, and maybe even more importantly, it is a book about how to stay sane and hopeful when the going gets tough.” Charles Finlay, Founding Executive Director of Rogers Cybersecure Catalyst at Toronto Metropolitan University

Want to watch: YouTube Meisterkhan Pod (Please Subscribe)

AVANT Technology Insights with Ken Presti
Tia Hopkins - Building Cyber Resilience: Unmasking CTEM

Nov 13, 2024 · 34:10


Join us as we dive into the future of cybersecurity with Tia Hopkins from eSentire! Explore how resilience in cybersecurity is redefining business continuity. Stephen and Tia discuss the power and purpose behind Continuous Threat Exposure Management (CTEM) as more than just tech, but a strategic program that keeps organizations prepared and protected. Perfect for security leaders looking to stay ahead of the rapid evolution of technology, this episode demystifies proactive threat management and resilience strategies that will make a lasting impact for businesses.

Cybercrime Magazine Podcast
Bassett Furniture Industries Cyberattack. The Financial & Operational Impacts. Tia Hopkins, eSentire

Nov 13, 2024 · 12:01


Tia Hopkins is the chief cyber resilience officer and field CTO at eSentire, an authority in managed detection and response (MDR) services. In this episode, she joins host Charlie Osborne to discuss the cyberattack that hit Bassett Furniture Industries in July of 2024, and some of the financial and operational impacts suffered as a result of this incident. Tia is also featured on our list of cybersecurity pundits. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Cyber Talks
Building Resilience Through Long-term MDR Partnerships with Rich Raether and Andrew DeBratto

Oct 31, 2024 · 33:38


In this episode of Cyber Talks, Rich Raether, CIO of Quarles & Brady, and Andrew DeBratto, CISO of Hunton Andrews Kurth LLP, discuss their decades-long journey in IT and cybersecurity. They recount shared projects, including navigating early security challenges, and reflect on how the industry has transformed, focusing on threat management and resilience-building. Rich and Andrew also share their personal and professional insights on managing cyber risk and reflect on how best practices in the industry have evolved. They emphasize the importance of fostering a security-conscious culture not just during October but year-round, encouraging proactive education to mitigate risks from ransomware, phishing, and other persistent threats.

Key takeaways include:

  • Building and maintaining cybersecurity resilience through incremental improvements and a measured approach to adopting new technologies.
  • How cybersecurity has shifted from traditional perimeter-based models to modern cloud and AI-driven systems, underlining the increased complexity in securing hybrid environments.
  • Practical advice for maintaining security at home and in the workplace, emphasizing proactive user education and vigilance against phishing and impersonation threats.
  • Building resilient security operations with trusted MDR partners to ensure consistent threat visibility and quick incident response.

Cybercrime Magazine Podcast
TfL Cyberattack. The Growing Threat To Global Transport Systems. Greg Crowley, CISSP, CISM, eSentire

Oct 28, 2024 · 10:49


Greg Crowley is the chief information security officer (CISO) at eSentire, an authority in managed detection and response services. Featured on our list of cybersecurity pundits, Greg previously oversaw the overall cybersecurity function as vice president of cybersecurity and network infrastructure at WWE. In this episode, he joins host Charlie Osborne to discuss a cyberattack experienced by Transport for London and the wider issue of transport-related cybercrime.

Cyber Work
Cybersecurity's future: Preparing the next gen of professionals | Guest Tia Hopkins

Sep 23, 2024 · 59:43


Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/

In this episode of Cyber Work Podcast, Tia Hopkins, Chief Cybersecurity Resilience Officer at eSentire, returns to discuss her journey into tech and cybersecurity. She reflects on her early fascination with technology, her impactful externship experiences, and the importance of cyber resilience. Tia discusses her roles in making the cybersecurity industry more equitable and her passion for integrating real-world scenarios into education. We also discuss bridging communication gaps between security leaders and business executives, her work with non-profits — aimed at empowering women of color in cybersecurity — advice for hiring diverse talent, and her latest books designed to inspire and guide future cybersecurity professionals. Don't miss this insightful conversation about building a more inclusive and resilient cybersecurity landscape.

View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

00:00 Welcome back Tia Hopkins!
00:41 Cybersecurity salary ebook
01:35 Introducing Tia Hopkins
03:45 Tia's early tech fascination
06:04 Navigating setbacks and finding passion
12:43 The importance of higher education in cybersecurity
15:39 The role of cybersecurity leadership
18:44 From solutions engineer to chief cyber resilience officer
22:46 Understanding cyber resilience
30:59 The importance of threat intelligence
31:13 Cyber resilience: Testing and maturity
31:35 Operational integration and prioritization
33:03 Leadership and organizational structure
35:01 Diversity and inclusion in cybersecurity
37:08 Lowering barriers to entry
44:48 Career mapping strategies for 2024
48:08 Insights from "Hack the Cybersecurity Interview"
49:25 Securing our future: Embracing diversity
50:56 The joy of problem solving in cybersecurity
52:16 Best career advice and leadership transition
56:36 About eSentire and final thoughts

About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Cyber Talks
The Role of Threat Intelligence Sharing and Collaboration in Cyber Defense with Ryan Westman

Sep 11, 2024 · 50:00


The cyber threat landscape is evolving at an unprecedented pace, with increasingly sophisticated attacks from both nation-state actors and cybercriminals. Organizations must not only stay informed about emerging threats but also act swiftly to operationalize threat intelligence. Effective cybersecurity requires collaboration, cutting-edge tools, and strategic partnerships to mitigate risks in this dynamic environment. In this episode, Erin McLean, CMO at eSentire, and Ryan Westman, Director of Threat Intelligence, discuss how eSentire's Threat Response Unit (TRU) operates, the importance of actionable threat intelligence, and the growing impact of AI on the cybersecurity landscape.

Key Takeaways:

  • How eSentire's TRU operationalizes threat intelligence to detect and mitigate cyber threats in real-time.
  • The importance of collaboration across the cybersecurity community, from private companies to government agencies.
  • Insights into the evolving global threat landscape, including the role of nation-state actors and cybercriminals.
  • The challenges of law enforcement in combating cybercrime and the critical role of private sector cybersecurity firms.
  • The double-edged impact of generative AI in enhancing productivity while also amplifying the sophistication of cyberattacks.

MSP Business School
James Mignacca | Unlocking the Secrets of Data Discovery with Cavelo

Sep 3, 2024 · 27:10


James Mignacca is the CEO of Cavelo, a company that specializes in providing advanced data discovery and classification solutions for MSPs. With almost 20 years of experience in the cybersecurity and startup ecosystem, James has been instrumental in several significant ventures, including Sandvine and eSentire. The success of his prior startups validates his ability to lead and innovate, and his current role at Cavelo aims to further enhance the capabilities of MSPs through streamlined, effective solutions.

Episode Summary

Welcome to another engaging episode of MSP Business School, where host Brian Doyle interviews James Mignacca, the CEO of Cavelo. This conversation explores James's unique journey from cybersecurity startups to pioneering advanced data discovery and classification solutions for Managed Service Providers (MSPs). Sharing insights from his experience at companies like Sandvine and eSentire, James discusses the importance of simplifying complex cybersecurity tasks for MSPs and integrating effective data management solutions to meet growing regulatory demands.

James details the crucial role of data discovery and classification in maintaining cybersecurity, especially as organizations embrace hybrid work environments. Highlighting the growing demand for regulatory compliance and the impact of cybersecurity insurance, he discusses Cavelo's approach to making these processes manageable and profitable for MSPs. Alongside this, James shares personal anecdotes and strategic insights into how Cavelo integrates seamlessly with existing MSP workflows, ultimately enabling them to offer robust security solutions without the complexity and overhead.

Key Takeaways:

  • Simplifying Complexity: James emphasizes creating easy-to-use solutions for MSPs that condense multiple functionalities into a single platform, reducing complexity and improving efficiency.
  • Data Discovery and Classification: Crucial for security, especially in hybrid work environments where data is scattered across multiple cloud services and devices.
  • Regulatory Compliance: Increasingly integral in cybersecurity, the ability to meet stringent compliance requirements is a priority for MSPs serving larger organizations and critical infrastructure.
  • Team and Culture: The importance of maintaining a cohesive and talented team through transitions and acquisitions to sustain innovation and drive success.
  • Consolidation and Efficiency: Reducing the number of vendors and integrating essential tools contribute to a streamlined, profitable operation for MSPs.

Cyber Talks
Aligning Cybersecurity with Business Goals: Insights from Mark Benaquista

Aug 14, 2024 · 45:59


In this episode, Erin McLean chats with Mark Benaquista, a seasoned cybersecurity leader and Managing Director at Thomas H. Lee Partners. Mark shares his career journey from starting as an associate at JPMorgan to leading cybersecurity portfolios across various industries. He offers valuable insights into the importance of aligning technology with business objectives and the critical role cybersecurity plays in supporting these goals. Mark also delves into his current role at Thomas H. Lee Partners, where he oversees technology and cybersecurity across the firm's diverse portfolio, highlighting the collaborative approach that drives success.

Key discussion points include:

  • Mark's shift from a finance-focused role at JPMorgan to a technology-driven career, illustrating the value of flexibility and seizing new opportunities.
  • Insights from Mark's decade at Merck, where he learned the importance of aligning IT with business objectives and the value of mentorship in career growth.
  • Challenges Mark faced while transitioning to Warner Music and how he first encountered the critical importance of cybersecurity in a rapidly changing industry.
  • Mark's approach to managing technology and cybersecurity across a diverse portfolio, focusing on collaboration, risk management, and the importance of integrating cyber risk into broader business discussions.
  • Mark's thoughts on managing cybersecurity stress, emphasizing transparency, collaboration, and business alignment to ensure that security leaders don't shoulder the burden alone.

Cyber Talks
Why Continual Learning and Adaptability are Critical in Cyber with Greg Crowley

Jul 30, 2024 · 39:58


How did Greg Crowley, eSentire's CISO, go from a potential career in broadcast television to IT? In this episode of eSentire Cyber Talks, Greg shares what influenced his pivot into cybersecurity, how he transitioned from being a Systems Engineer to a leadership role at WWE (formerly WWF) to developing the company's first security program amidst its expansion to a global enterprise. Greg also discusses his approach to leadership in his role as CISO, focusing on understanding business dynamics, employee relationships, and the organizational security culture.

  • How Greg's background in non-tech fields contributed uniquely to his roles and approach in cybersecurity.
  • Greg's methodical approach over his first 90 days in leadership roles to understand the intrinsic details of the business and its employees.
  • Why anticipating potential security incidents and preparing response mechanisms beforehand is critical.
  • Why it's important to educate internal teams and the executive leadership about cybersecurity risks and frameworks.

Cyber Talks
Safeguarding Manufacturing Operations with Ray Texter

Cyber Talks

Jul 15, 2024 (27:36)


The manufacturing threat landscape is evolving rapidly, with increased automation and remote access needs making Operational Technology (OT) environments more vulnerable to cyber threats. As attackers become more sophisticated, manufacturers must adapt to protect their critical infrastructure and maintain business continuity. Join Tia Hopkins, Field CTO & Chief Cyber Resilience Officer at eSentire, and Ray Texter, Chief of Information Security at Texas United Management, as they discuss the current state of cybersecurity in manufacturing. They delve into the complexities of securing OT environments, the impact of geopolitical tensions, and strategies to enhance cyber resilience.

Key Takeaways:
- Importance of strong cybersecurity partnerships for midsize companies.
- The growing significance of OT security in manufacturing.
- Benefits of industry collaboration and cross-departmental cooperation in enhancing breach response.
- Managing overall exposure beyond traditional vulnerability management.
- Preparing for new CISA reporting requirements and their impact on cybersecurity budgets and strategies.

Cyber Talks
From Ransomware to Remote Access: Key Cyber Threats in Manufacturing

Cyber Talks

Jul 8, 2024 (27:08)


The manufacturing industry is facing an increasingly complex threat landscape, characterized by expanding attack surfaces due to continuous IT transformation and interconnected OT environments. Key threats such as ransomware and sophisticated social engineering attacks are exploiting these vulnerabilities, making robust security measures and swift incident response crucial. Join Spence Hutchinson, Staff Threat Intelligence Researcher on the Threat Response Unit (TRU) at eSentire, as he delves into the current threat landscape for the manufacturing sector. Spence discusses the latest trends in cyber threats and provides actionable insights based on recent reports from eSentire's Threat Response Unit (TRU).

- Understanding the "threat surface scope creep" and its implications for manufacturing security.
- The critical role of visibility in preventing and detecting intrusions stemming from stolen credentials and unpatched vulnerabilities.
- The rising prevalence of browser-based attacks and USB worms, and how they are targeting manufacturing systems.
- Strategies for implementing phish-resistant multi-factor authentication and robust device management to mitigate risks.
- Insights into the underground market dynamics, including credential markets and access brokers, and their impact on the manufacturing sector.

The Daily Decrypt - Cyber News and Discussions
Everything is Fake! Fake Error Messages, Fake Chrome Updates, and SnowFAKE (Snowflake)

The Daily Decrypt - Cyber News and Discussions

Jun 18, 2024


In today's episode, we delve into the recent surge of identity-based cyberattacks targeting Snowflake customers, with at least 100 companies confirmed impacted as disclosed by Mandiant and Pure Storage (https://www.cybersecuritydive.com/news/snowflake-customer-attacks-what-we-know/719056/). We also explore how attackers are leveraging social engineering to install malware through fake error messages, as outlined by Proofpoint researchers (https://www.helpnetsecurity.com/2024/06/17/social-engineering-malware-installation/). Finally, we discuss how legitimate websites are being exploited to deliver the BadSpace Windows backdoor, detailed by German cybersecurity company G DATA (https://www.gdatasoftware.com/blog/2024/06/37947-badspace-backdoor).

00:00 Introduction to Fake Cyber Attacks
01:11 Fake Error Messages
03:30 The Badspace Backdoor with Trae
06:54 Snowflake Breach: What Happened?

Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/

Tags: Snowflake, cyberattacks, identity-based, infiltrate, cybercriminals, malware, proofpoint, fake error messages, hackers, BadSpace, G DATA, cybersecurity, social engineering, cloud data security, Windows backdoor

Search Phrases: Identity-based cyberattacks on Snowflake customers; Protecting Snowflake accounts from cybercriminals; Malware threats to cloud security; Proofpoint cybercrime reports; Steps to prevent fake error message scams; BadSpace Windows backdoor protection measures; How hackers use fake browser updates; G DATA cybersecurity insights; Social engineering defenses in cybersecurity; Preventing identity-based infiltrations in cloud systems

What we know about the Snowflake customer attacks
https://www.cybersecuritydive.com/news/snowflake-customer-attacks-what-we-know/719056/

- Widespread Impact: Over 100 Snowflake customers have been confirmed impacted by identity-based attacks utilizing stolen credentials from infostealer malware. Approximately 165 businesses remain potentially exposed. [Source: Mandiant]
- Key Entry Point: Attacks were not due to a vulnerability or breach within Snowflake's system but through stolen credentials from infostealer malware on non-Snowflake systems. Impacted accounts lacked multifactor authentication (MFA). [Source: Mandiant]
- Early Detection: The earliest unauthorized access to Snowflake customer instances was detected on April 14, with Mandiant beginning its investigation on April 19 and identifying the first confirmed connection to Snowflake on May 14. [Source: Mandiant's June 10 Threat Intelligence Report]
- Immediate Actions: Snowflake has been suspending user accounts showing signs of malicious activity, blocking suspicious IP addresses, and advising customers to enable MFA and configure network access policies. [Source: Snowflake CISO Brad Jones]
- Data Theft: The first known sale of stolen data from a Snowflake customer database was posted on May 24. Snowflake disclosed the attacks on May 30, providing indicators of compromise and recommended actions for companies to investigate. [Source: Mandiant]
- Ongoing Investigation: The investigation, assisted by Mandiant and CrowdStrike, is ongoing. The attacker, referred to as UNC5537, continues to extort victims with stolen data as of June 13. [Source: Mandiant]

Malware peddlers love this one social engineering trick!
https://www.helpnetsecurity.com/2024/06/17/social-engineering-malware-installation/

- Key Information: Attackers increasingly use fake error messages to trick users into installing malware. Actionable Insight: Stay vigilant when encountering unexpected error messages prompting installations or updates.
- Key Information: These fake error messages often accompany HTML documents delivered via email attachments. Actionable Insight: Exercise caution when opening email attachments, especially HTML documents, and verify the sender's authenticity.
- Key Information: Users may be prompted to install root certificates, resolve issues, install extensions, or update DNS caches. Actionable Insight: Before following any such prompts, consult your IT department or perform a quick search to confirm the legitimacy of the request.
- Key Information: The attack chain requires significant user interaction but cleverly disguises malware installation as a problem-solving step. Actionable Insight: Always take a moment to consider the risk before performing any suggested actions from an error message.
- Key Information: Various attackers, including initial access brokers, use these techniques to deploy PowerShell scripts, installing malware like DarkGate and NetSupport. Actionable Insight: Familiarize yourself with the signs of PowerShell script execution and report any suspicious activity to your security team.
- Key Information: Detection is difficult because the malicious script is copied to the clipboard via JavaScript and manually run by the user. Actionable Insight: Be wary of any browser prompts to copy scripts or commands and avoid running them directly from your clipboard.
- Key Information: Users are the last line of defense if browsing protections and email filters fail. Actionable Insight: Engage in regular cybersecurity training to identify and report suspicious activities promptly.

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
https://www.gdatasoftware.com/blog/2024/06/37947-badspace-backdoor

- Compromised Websites as Conduits: Hackers use legitimate websites, often built on platforms like WordPress, to deliver a Windows backdoor named BadSpace. They disguise the attack as fake browser updates, making it hard for users to detect.
- Multi-Stage Attack Chain: The attack begins with an infected website that checks if a user has visited before. On the first visit, the site collects device data, IP address, user-agent, and location, then sends it to a command-and-control (C2) server. The server responds with a fake Google Chrome update pop-up that either directly drops the malware or uses a JavaScript downloader to deploy BadSpace.
- Malware Capabilities: BadSpace can harvest system information, take screenshots, execute commands, read/write files, and delete scheduled tasks. It employs anti-sandbox techniques and sets up persistence using scheduled tasks.
- Connections to SocGholish: The C2 servers linked to BadSpace show connections to another malware known as SocGholish (aka FakeUpdates), which uses similar tactics.
- Current Threat Landscape: Organizations like eSentire and Sucuri report ongoing campaigns using fake browser updates to spread information stealers and remote access trojans.

Cyber Talks
Debunking Cybersecurity Myths with Eldon Sprickerhoff

Cyber Talks

Jun 17, 2024 (40:13)


In this episode of Cyber Talks, Erin McLean and Eldon Sprickerhoff, Founder & Advisor of eSentire, discuss the latest trends and misconceptions in cybersecurity. Eldon shares his recent experience of being inducted into the Waterloo Entrepreneur Hall of Fame, reflecting on his journey and the importance of support from his family and colleagues. The conversation dives into debunking pervasive myths in the industry, such as "the bad guys only need to be right once" and "humans are the weakest link," offering a more nuanced view of the ongoing battle between threat actors and security practitioners. Eldon also provides insights into the role of AI in cybersecurity, stressing the need for scrutiny and understanding the practical outcomes of AI tools. He discusses the evolving concept of materiality in the context of SEC regulations and the importance of honest communication about cybersecurity incidents.

TubbTalk - The Podcast for IT Consultants
[155] How To Stop Mac Hacks In Their Tracks

TubbTalk - The Podcast for IT Consultants

Jun 16, 2024 (73:17)


In this episode, Richard talks to Stuart Ashenbrenner and Wes Hutcherson of Huntress. They share their advice on managing Macs for clients to prevent and manage hacks.

Stuart is a staff macOS researcher, focusing on macOS security and development, with a ton of experience working as a macOS detections engineer and software engineer. He's spoken at various conferences about macOS security, and he is the coauthor and core developer of the open source macOS incident response tool called Aftermath.

Wes is the director of product marketing for Huntress, where he oversees market intelligence and go-to-market strategies. His multifaceted technology and cybersecurity experience spans over a decade. He's worked with market leaders such as Bishop Fox, eSentire, Hewlett Packard, and Dell SecureWorks covering managed detection and response, governance, risk and compliance, continuous threat exposure management, offensive security and other topics.

Richard asks them to explain how Huntress helps MSPs, how to deploy the tool and their typical partners, before digging in to threats specifically targeting Macs. Wes explains the Huntress MacOS support and why they decided to put it together. Stuart talks about the most common attack vectors on macOS and security best practice that MSPs should follow. Wes explains a number of acronyms that MSPs might come across when dealing with Macs and what they mean to users.

Richard, Stuart and Wes look at Mac-specific attacks, third-party breaches and how to protect clients, particularly those who believe that Macs are more secure than PCs. They explore tools and resources, touch management, staying ahead of the curve and how MSPs can take advantage of the threats to Macs to find a business opportunity.

Mentioned in This Episode
- Open source macOS incident response tool: Aftermath
- Podcast: Interview with Dray Agha
- Malware: Atomic macOS Stealer (AMOS)
- Trojan: Info Stealer
- Shell programme: Bash
- Scripting language: AppleScript
- Knowledge base: MITRE ATT&CK
- macOS threat: Cuckoo
- XM Cyber study into breach and attack simulations
- Slack community: MacAdmins
- Blog series: Ask the Mac Guy: macOS Security Myths
- bunch of resources you can find on our website. It's very easy to find on, under resources
- On-demand webinar: Dealing with Mac threats
- MSP...

The Daily Decrypt - Cyber News and Discussions
Fake Browser Updates, Atlassian RCE Exploit, glup-debugger-log

The Daily Decrypt - Cyber News and Discussions

Jun 4, 2024


In today's episode, we discuss fake browser updates distributing BitRAT and Lumma Stealer via Discord (https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html), a malicious npm package targeting Gulp users with a RAT (https://thehackernews.com/2024/06/researchers-uncover-rat-dropping-npm.html), and the high-severity Atlassian Confluence RCE vulnerability (CVE-2024-21683) for which a PoC is now available (https://www.helpnetsecurity.com/2024/06/03/cve-2024-21683-poc/). Tune in to learn about these critical cybersecurity threats and how you can protect your systems.

Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/

Tags: Browser Updates, Cybersecurity Threat, BitRAT, Lumma Stealer, eSentire, Fake Browser Updates, Discord, Malicious npm Package, Gulp Toolkit, Remote Access Trojans, Software Supply Chain Attacks, CVE-2024-21683, Atlassian Confluence, Remote Code Execution, Cyber Attackers, Cybersecurity Researchers, Downloader Malware, Exploit, Developer Security, Cyber Attack Mitigation

Search Phrases: How to avoid fake browser updates; BitRAT malware detection; What is Lumma Stealer; Discord used for malware distribution; Malicious npm packages 2024; Latest remote access trojans; CVE-2024-21683 Atlassian Confluence vulnerability; Protect against software supply chain attacks; eSentire cybersecurity report; Remote code execution in Atlassian Confluence

https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html

- Rise of Fake Browser Updates as Malware Vectors: Cybercriminals now use fake browser updates to distribute BitRAT and Lumma Stealer malware. These attacks typically start when users visit compromised websites that redirect them to fraudulent update pages. Actionable Insight: Avoid downloading updates from unfamiliar sources; always verify the legitimacy of update prompts through official channels.
- Discord as a Malware Distribution Platform: Attackers use Discord to host malicious files, leveraging its widespread use among legitimate users. Bitdefender found over 50,000 harmful links on Discord in the past six months. Actionable Insight: Exercise caution when downloading files from Discord and report suspicious links to platform moderators.
- Sophisticated Attack Chain Mechanisms: Attacks involve JavaScript and PowerShell scripts within ZIP files to execute malware. These scripts load additional payloads disguised as PNG image files, adding a layer of obfuscation. Actionable Insight: Use advanced endpoint protection that can detect and mitigate script-based attacks.
- BitRAT and Lumma Stealer Capabilities: BitRAT can harvest data, mine cryptocurrency, and take control of infected devices. Lumma Stealer, available for rent, steals information from web browsers and crypto wallets. Actionable Insight: Regularly update and patch software, employ strong passwords, and use multi-factor authentication to protect sensitive information.
- Emerging Threats: Drive-by Downloads and Malvertising: Fake browser update attacks often utilize drive-by downloads and malvertising techniques. Recent campaigns trick users into manually executing malicious PowerShell code under the guise of browser updates. Actionable Insight: Educate users on the risks of drive-by downloads and ensure robust network defenses are in place.
- Lumma Stealer's Growing Popularity: Lumma Stealer logs for sale increased by 110% from Q3 to Q4 2023, indicating its effectiveness and high success rate. Actionable Insight: Implement continuous monitoring and threat intelligence to detect and respond to emerging threats promptly.
- Exploiting Pirated Software: Attackers use pirated software and adult game installers to distribute various malware, including Orcus RAT and XMRig miner. Actionable Insight: Avoid using pirated software and educate users about the risks involved.
- CryptoChameleon's DNSPod Utilization: CryptoChameleon uses DNSPod servers for fast flux evasion, making it difficult to track and mitigate. Actionable Insight: Employ advanced DNS security measures and stay updated on threat actor tactics to enhance detection capabilities.

- Malicious npm Package Alert: Cybersecurity researchers discovered a suspicious npm package named "glup-debugger-log" targeting Gulp users. This package aims to drop a remote access trojan (RAT) on compromised systems. [Source: Phylum]
- Target Audience: The malicious package specifically targets developers using the Gulp toolkit by posing as a logger for Gulp plugins. So far, it has been downloaded 175 times. [Source: Phylum]
- Technical Breakdown: The package contains two obfuscated files working together. One file acts as an initial dropper to compromise the target machine and download additional malware. The other file provides persistent remote access to the attacker. [Source: Phylum]
- Detection Evasion: The malware includes checks for network interfaces, specific Windows OS types, and the number of files in the Desktop folder. This step likely aims to avoid deployment in controlled environments like virtual machines (VMs) or new installations. [Source: Phylum]
- Persistence Mechanism: If all checks pass, the malware launches another script to set up persistence and execute commands from a URL or local file. It establishes an HTTP server on port 3004 to listen for incoming commands. [Source: Phylum]
- Capabilities: The RAT can execute arbitrary commands and send the output back to the attacker. Despite its minimal functionality, the malware is sophisticated due to its obfuscation techniques and targeted approach. [Source: Phylum]
- Industry Implications: This discovery highlights the evolving landscape of malware in open-source ecosystems. Attackers are increasingly using clever techniques to create compact, efficient, and stealthy malware. [Source: Phylum]

- Critical Update Alert: If you self-host Atlassian Confluence Server or Data Center, immediately upgrade to the latest version to fix a remote code execution (RCE) flaw, CVE-2024-21683. The PoC and technical details are already public. (Source: SonicWall)
- Vulnerability Details: CVE-2024-21683 allows attackers to exploit Confluence via a specially crafted JavaScript language file, with no user interaction required. However, attackers must be logged in and have privileges to add new macro languages. (Source: SonicWall)
- Technical Insight: The flaw lies in the input validation mechanism of the 'Add a new language' function in the 'Configure Code Macro' section. Insufficient validation allows the injection of malicious Java code. (Source: SonicWall)
- Exploit Conditions: To exploit, an attacker needs network access to the system, the ability to add new macro languages, and a forged JavaScript file containing malicious Java code. (Source: SonicWall)
- Proof of Concept: A working PoC is available on GitHub, showcased by security researcher Huong Kieu, highlighting the ease with which this vulnerability can be weaponized. (Source: GitHub)
- Upgrade Urgency: Given Confluence's critical role in many organizations' knowledge bases, users are strongly advised to upgrade to the latest versions as per the vendor advisory to mitigate potential exploits. (Source: SonicWall)
- Impact and Mitigation: The vulnerability has a high impact on system confidentiality, integrity, and availability. SonicWall has released IPS signatures (4437 and 4438) to protect against exploitation. (Source: SonicWall)

Listener Engagement: Have you upgraded your Confluence instance yet? What's your strategy for handling such critical updates? Share your thoughts with us!

Cyber Talks
Unlocking the Key to Success, Differentiation, and Excellence for MSSPs with Tommy Wald and Bob Layton

Cyber Talks

Jun 3, 2024 (47:07)


In this episode of Cyber Talks, Erin McLean, Chief Marketing Officer at eSentire, sits down with Bob Layton, Chief Channel Officer, and Tommy Wald, CEO of RIATA Technologies, to discuss the evolution of MSSP services, the importance of building strong client relationships, and the necessity of robust vendor partnerships. Tommy and Bob also share their experiences and insights on transitioning from hardware reselling to managed services, developing industry best practices, and the challenges of commoditization in the MSP space.

Key discussion points include:
- The importance of building a sustainable business model, and differentiating services to stand out in a crowded market.
- How MSSPs can understand client needs, by focusing on service quality and maintaining compliance in regulated industries.
- The role of security as a utility and the importance of delivering exceptional service rather than competing on brand power alone.
- Future trends that will impact the MSSP market (e.g., increasing role of automation, the need for standardized definitions, and practices in the MSP industry).

Cyber Talks
Handling Mergers & Acquisitions as a Security Leader with Ron Park and Dwayne Smith

Cyber Talks

May 27, 2024 (56:15)


Although mergers and acquisitions (M&As) are strategic moves that can propel companies toward greater market share, enhanced capabilities, and increased innovation, one critical aspect often overlooked is cybersecurity. Ensuring robust cybersecurity during the M&A process is paramount, as it safeguards the integrity of both companies involved, protects sensitive data, and mitigates potential risks that could derail the transaction or devalue the acquisition. In this podcast episode, Greg Crowley, Chief Information Security Officer at eSentire, discusses the role of cybersecurity in M&As with Ron Park, Operating Partner & Technology Advisor to PE firms, and Dwayne Smith, SVP, Security and Global CISO of PrismHR. Together, Ron, Dwayne, and Greg discuss the importance of incorporating cybersecurity considerations in the due diligence process, the practical aspects of evaluating a company's security posture, managing risks, and ensuring a smooth post-acquisition integration.

Key discussion points include:
- The various stakeholders involved in M&A processes (e.g., buyers, sellers, and third-party consultants) and key areas to focus on during tech and product diligence, including cybersecurity, organizational structure, and technology processes.
- The importance of having a standardized playbook for M&A processes and the challenges of dealing with disparate cybersecurity practices across merged entities.
- The critical need for effective communication with non-technical stakeholders.

SMB Community Podcast by Karl W. Palachuk
Endpoint Detection and Response for the MacOS with Huntress

SMB Community Podcast by Karl W. Palachuk

May 16, 2024 (29:25)


Host Karl Palachuk interviews Wes Hutcherson and Stuart Ashenbrenner from Huntress on the challenges (and victories) of securing macOS endpoints. As you know, MacOS represents a growing percentage of the business device operating system market, outperforming both Linux and ChromeOS. Since this is going to be a growing portion of the endpoints you support, it's good to know how you're going to do that. And with so many "home" and personal devices now being used for company purposes, quick response is important as well.

The panel addresses the challenges of the MacOS users, including their persistent reluctance to believe that their devices need protection at all! There is a false sense of security around MacOS, driven by old-school understandings of Mac security and the realities of well-funded adversaries on the dark web. MacOS malware now accounts for 6.2% of all endpoint OS malware. Half of all MacOS users have been affected by malware, hacking, or scams. You can expect that to grow as well.

Thanks to Huntress for sponsoring the SMB Community Podcast. Partners can learn more at https://www.huntress.com/karl

Wes Hutcherson is the Director of Product Marketing for Huntress where he oversees market intelligence and go-to-market strategies. His multi-faceted technology and cyber security experience spans over a decade with market leaders such as Bishop Fox, eSentire, Hewlett-Packard, and Dell SecureWorks, covering Managed Detection and Response, Governance, Risk, and Compliance, Continuous Threat Exposure Management, Offensive Security, and other topics.

Stuart Ashenbrenner works at Huntress as a Staff macOS Researcher, focusing on macOS security and development. He has spoken at various conferences about macOS security, including Objective by the Sea. He is co-author and core developer on the open source, macOS incident response tool called Aftermath. He has previously worked as a macOS detections engineer and a software engineer.
:-) — Our upcoming events and more: Register for James's class at ITSPU! 5W22 – MSP Professional Sales is live. Enroll today: https://www.itspu.com/all-classes/classes/msp-professional-sales-program/ MASTERMIND LIVE – Tampa, FL – June 27-28th http://bit.ly/kernanmastermind Use “EARLYBIRD” as the coupon code to save $200! Check out Amy's weekly newsletter!  Sign up now: https://mailchi.mp/thirdtier/small-business-tech-news Kernan Consulting “Weekly Tips”!  Sign up now: https://kernanconsulting.com/  Our Social Links: https://www.linkedin.com/in/james-kernan-varcoach/ https://www.facebook.com/james.kernan https://www.facebook.com/karlpalachuk/ https://www.linkedin.com/in/karlpalachuk/ https://www.linkedin.com/in/amybabinchak/ https://www.facebook.com/amy.babinchak/ https://thirdtier.net https://www.youtube.com/@ThirdTierIT --- Sponsor Memo: Huntress Today's SMB Community Podcast is brought to you by Huntress Managed Security. Cybersecurity is more than software—it's also the expertise needed to effectively fight against today's evolving threat landscape. Huntress Managed Security is custom-built to provide human expertise and save your clients from cyber threats. Huntress' suite of fully managed cybersecurity solutions is powered by a 24/7, human-led SOC dedicated to around-the-clock monitoring, expert investigation, and rapid response. While you focus on growing your business, we provide first response to hackers. Huntress has the #1 rated EDR for SMBs on G2 and a partner support Satisfaction score average of 99%. To start a trial today, visit https://huntress.com/karl

Cyber Talks
Building a Career in Cyber by Thinking Outside the (Technical) Box with Kristin Kelly

May 15, 2024 31:57


For those who want to enter the cybersecurity field, especially if they come from a non-technical background, there is no shortage of opportunities. Just ask Kristin Kelly, our Growth Marketing Programs Specialist, who was recently recognized as a Young Professional to Watch by the International Legal Technology Association (ILTA). In this conversation with Erin McLean, Chief Marketing Officer at eSentire, Kristin shares her story of how she transitioned from a non-technical PR role to becoming a technical cybersecurity marketer and how her involvement with industry events like RSA and ILTACON has enabled her to build key relationships with cybersecurity leaders.

Key topics of discussion include:
• How Kristin has worked to overcome imposter syndrome and become more proactive to share ideas and build networks at work
• The importance of self-education and networking to grow in the cybersecurity industry
• Why it's critical to empathize with your customers and partners and go beyond business transactions to build trusted relationships

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
Behind the Screens: Developing an Industry-Leading Security Operations Program with Rob Watson and Ciaran Luttrell

Apr 24, 2024 39:55


In this episode, Ciaran Luttrell, Sr. Director of SOC Operations, EMEA, is joined by Rob Watson, SVP Security Services, to discuss security operations. Specifically, they chat about how SOCs should be structured, how to build a high-performing team of SOC Analysts, helping your team tackle burnout, and what it really takes to build an in-house SOC.

Key conversation topics include:
• How to structure your SOC Analysts teams, from Tier 0 to Tier 3 support
• Strategies for effectively managing a SOC
• The real value that a robust team of SOC Analysts can bring to the table and how they help organizations deal with coverage, visibility, and threat response
• How security operations may evolve in the future

Have a question for us? Reach out: hello@esentire.com

The Cybersecurity Defenders Podcast
#118 - Intel Chat: FakeBat, Sisense, APT29 & CVE of 10

Apr 18, 2024 39:24


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
• eSentire's Threat Response Unit has observed FakeBat loader being distributed via FakeUpdates, ultimately leading to a LummaC2 infection via a custom-written PaykRunPE provided by the FakeBat Threat Actors.
• CISA is investigating a breach at business intelligence company Sisense and urged all Sisense customers to reset any credentials and secrets that may have been shared with the company.
• CISA has confirmed that Russian government-backed hackers stole emails from several U.S. federal agencies as a result of an ongoing cyberattack at Microsoft.
• Volexity identified a zero-day exploitation of a vulnerability found within the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring customers.

Cyber Talks
Inside the Ransomware Economy: The Industries and Businesses at Risk with Spence Hutchinson

Apr 15, 2024 28:18


In this episode, we sit down with Spence Hutchinson, Sr. Staff Threat Intelligence Researcher with our Threat Response Unit (TRU), and chat about the ransomware landscape, the cybercriminal "gig" economy, and which industries and types of businesses are most at risk of ransomware attacks.

Key takeaways from the conversation include:
• The evolution of ransomware attacks from simple smash-and-grab strategies to more sophisticated network-wide dominations
• How ransomware-as-a-service groups operate and how they infiltrate networks to gain initial access
• How the "outside in" approach helps to understand threats posed by the Dark Web
• The role that Initial Access Brokers (IABs) play in the ransomware economy and how they use the Dark Web to sell access to other cybercriminals
• Why Lockbit is one of the most impactful threats for SMBs and why it's so challenging to defend against

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
Sustainability, Innovation, and the Future of MSPs/MSSPs with Joe Panettieri

Apr 3, 2024 41:04


In this episode, we sit down with Joe Panettieri, Founder of Channel Angels, Sustainable Tech Partner, and Mentore Ventures, to discuss how Joe got his start as a communications intern at IBM, his approach to making cybersecurity communications clear and digestible, and the dynamic nature of the cybersecurity industry. He also shares the lessons learned from supporting a wide array of cybersecurity stakeholders and his experience with ChannelE2E, focusing on business valuation maximization and provides an insider's view on the inception of the MSP 501 list, along with insights into the evolving relationship between service providers and CIOs/CISOs.

Key takeaways from the conversation include:
• The importance of clarity and customer understanding in cybersecurity communications.
• Business valuation in the MSP and MSSP sector is heavily influenced by evolving market trends and re-emerging technologies.
• MDR's increasing significance in the cybersecurity landscape and the essential questions CISOs/CIOs must ask of their service providers.
• The impact of Generative AI on the cybersecurity industry and the strategic advice for navigating its implications.
• The convergence of green IT and cybersecurity, highlighting the urgency for service providers to adopt sustainable practices.

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
Decoding AlphV/BlackCat's Ransomware Operations with Joe Stewart and Keegan Keplinger

Mar 25, 2024 35:26


The AlphV/BlackCat ransomware-as-a-service gang has been in the news lately thanks to the recent ransomware attack on Change Healthcare that resulted in widespread disruptions to healthcare services and allegedly resulted in the organization paying a $22 million ransom. Shortly thereafter, an affiliate claimed that BlackCat cheated them out of their share of the $22 million dollar ransom. So, what's going on? In this episode, Spence Hutchinson speaks with Joe Stewart, Principal Threat Researcher at eSentire, and Keegan Keplinger, Sr. Threat Intelligence Researcher at eSentire, all about AlphV/BlackCat's ransomware operations.

Key topics discussed include:
• Who AlphV/BlackCat ransomware operators are and how they use malvertising to gain initial access
• The ransomware attack on Change Healthcare
• The validity of BlackCat claiming that the FBI has seized their Dark Web site and released a decryption tool
• Signs that a ransomware-as-a-service group is rebranding or preparing an exit scam

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
Investing in Security: Reducing Cyber Risks in Private Equity with Eldon Sprickerhoff and Ryan Westman

Mar 19, 2024 24:51


Private Equity (PE) firms are increasingly targeted due to their comprehensive disclosure requirements, possession of sensitive data, and wide network of portfolio companies, making them lucrative targets for cybercriminals. What's more, threat actors exploit these characteristics to gain access to an extensive network by breaching just one entity. In this episode of Cyber Talks, Ryan Westman and Eldon Sprickerhoff dive into the intricate relationship between private equity firms and their portfolio companies concerning cybersecurity.

Key takeaways of the episode include:
• Reasons PE firms are attractive targets for cybercriminals, including their access to sensitive data and extensive networks
• Unique challenges PE firms face, such as limited visibility and control over cybersecurity measures across their portfolio companies and the diverse range of cyber risks associated with investing across multiple industries
• Common misconceptions about cybersecurity postures among PE firms, the evolving tactics of cyberattackers, and the critical role of user awareness in preventing attacks
• Recommendations to defend against remote exploitation and the misuse of valid credentials

Have a question for us? Reach out: hello@esentire.com

The CyberWire
TikTok showdown: U.S. lawmakers target privacy and security.

Mar 14, 2024 33:46


The US House votes to enact restrictions on TikTok. HHS launches an investigation into Change Healthcare. An Irish Covid-19 portal puts over a million vaccination records at risk. Google distributes $10 million in bug bounty rewards. Nissan Oceania reports a data breach resulting from an Akira ransomware attack. Meta sues a former VP for alleged data theft. eSentire sees Blind Eagle focusing on the manufacturing sector. Claroty outlines threats to health care devices. A major provider of yachts is rocked by a cyber incident. In our Threat Vector segment, David Moulton explores the new SEC cybersecurity regulations with legal expert and Unit 42 Consultant Jacqueline Wudyka. And ransomware victims want their overtime pay.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
On the Threat Vector segment, host David Moulton explores the new SEC cybersecurity regulations that reshape how public companies handle cyber risks with legal expert and Unit 42 Consultant Jacqueline Wudyka. They discuss the challenges of defining 'materiality,' the enforcement hurdles, and the impact on the cybersecurity landscape.

Selected Reading
• Bill that could spur TikTok ban gains House OK (SC Media)
• What would a TikTok ban look like for users? (NBC News)
• HHS to investigate UnitedHealth and ransomware attack on Change Healthcare (The Record)
• How a user access bug in Ireland's vaccination website exposed more than a million records (ITPro)
• Google Paid $10m in Bug Bounties to Security Researchers in 2023 (Infosecurity Magazine)
• Nearly 100K impacted by Nissan Oceania cyberattack (SC Media)
• Meta Sues Former VP After Defection to AI Startup (Infosecurity Magazine)
• Malware Analysis: Blind Eagle's North American Journey (esentire)
• Only 13% of medical devices support endpoint protection agents (Help Net Security)
• Billion-dollar boat seller MarineMax reports cyberattack to SEC (The Record)
• City workers not getting paid overtime amid Hamilton's ransomware attack: unions (CBS News)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Cyber Talks
Breaking Barriers and Leading with Purpose with Andrea Markstrom and Tia Hopkins

Mar 8, 2024 54:15


Since its emergence in 1911, every year on March 8, we celebrate International Women's Day to recognize the inspiring contributions that women have made in the professional and personal lives of those around them. In this episode, Erin McLean talks to Tia Hopkins and Andrea Markstrom, the Chief Information Officer at Schulte Roth & Zabel LLP and Founder of i.WILL, about their career journeys in cybersecurity, how they empower and support women, and the foundations they've started.

They discuss:
• Why there's no single, linear path into cybersecurity or leadership roles in technology
• The importance of mentorship and networking for growth
• Their commitment to lifting as they climb through their involvement with the i.WILL and Black Women in Cyber Collective foundations
• How to find your voice and make a mark in your field

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
Dissecting LockBit's Ransomware Operations with Keegan Keplinger and Brandon Stencell

Mar 5, 2024 31:52


Since their emergence in 2019 under the moniker 'ABCD', the LockBit ransomware-as-a-service gang has carved out a notorious reputation as a leading purveyor of ransomware. Their notoriety was cemented by pioneering triple extortion techniques and causing unprecedented disruption across the globe. However, they suffered a significant blow with the orchestrated international law enforcement operation named 'Operation Cronos'. In this episode, Ciaran Luttrell, Keegan Keplinger, and Brandon Stencell provide a gripping account of LockBit's operations, their innovative TTPs, and the collaborative law enforcement efforts that led to their partial dismantling. We also offer an insider's look into how the takedown was executed, the resurgence of LockBit and the new Dark Web leak sites, and the broader implications for cybersecurity professionals.

Key discussion points include:
• The evolution and operational methods of LockBit since its inception.
• Insights into 'Operation Cronos' and its impact on LockBit's infrastructure.
• The tactical shutdown of LockBit's technical and financial frameworks by international law enforcement.
• The immediate response by LockBit, including setting up new operations and their public threats.
• Strategies and advice for cybersecurity professionals to safeguard against future iterations of LockBit and similar ransomware threats.

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
Shaping the Cybersecurity Program: Top Priorities and the Power of Mentorship with Michael Smith

Feb 27, 2024 42:41


In this episode, we explore Michael Smith's journey from an Air Force IT Manager to VP of Infrastructure and Operations at Trinity Industries, Inc., highlighting his pivotal roles and the cybersecurity landscape within the architecture, engineering, and construction sectors. Michael shares insights on outsourcing cybersecurity teams, the strategic decision-making behind these choices, the evolving role of the CISO, and the importance of strategic positioning within an organization. Michael emphasizes the strategic value of leadership positions and the role that mentorship played in his transition from CISO to CIO while at Jacobs. The discussion also covers Michael's philosophy on leadership, focusing on extreme ownership and servant leadership, and how this influences his approach to new operational challenges.

Key takeaways include:
• The importance of adaptability and strategic thinking in advancing from technical roles to executive leadership in cybersecurity.
• Why mentorship and leadership development are critical for building resilient cybersecurity teams and fostering innovation.
• Strategic outsourcing vs. in-house team development: considerations for effective cybersecurity management.
• The evolving role of the CISO in organizational structures and the importance of C-level accountability and board engagement in cybersecurity.

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
More Responsibility, Less Resources: How Security Leaders Can Do More With Less

Feb 20, 2024 37:39


Given the macroeconomic climate, security leaders are constantly tasked to do more with less – you're being asked to take on more responsibility and protect your organizations against increasing cyber threats while balancing evolving regulatory frameworks and third-party vendor risk management. In this episode, Tia Hopkins, Chief Cyber Resilience Officer at eSentire, and Greg Crowley, Chief Information Security Officer at eSentire, discuss the trends they are seeing from a budgetary perspective and how security leaders can build a more resilient security operation.

Key topics of discussion include:
• Most common types of cyber threats impacting businesses (e.g., the 'as-a-service' business model, nation-state cyberattacks, etc.)
• Why security leaders need to shift from a cyber risk reduction mindset to building a cyber resilience mindset
• The two options that security leaders have to build a more resilient security operation (i.e., DIY approach vs. outsourcing 24/7 threat detection, investigation, and response capabilities)
• How to build alignment with finance leaders to get the cybersecurity investment you need

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
Tackling Threats: Building a Winning Cyber Defense with Terrell Davis

Feb 12, 2024 51:58


Whether you're on the football field or on the cybersecurity battlefield, being resilient means being able to bounce back stronger after a setback. On the field, it's about how quickly your team is able to adapt to a bad start or a late-game deficit to take the win. In cybersecurity, it's about how your organization can anticipate, withstand, and recover from even the most sophisticated cyber threats by responding efficiently and restoring operations. Both require a mindset focused on learning from challenges and strengthening defenses for the next encounter. Success isn't about never facing setbacks; it's about how effectively you recover and prepare for the next challenge. In this episode, Tia Hopkins, our Chief Cyber Resilience Officer & Field CTO, talks with Terrell Davis, Football Hall of Famer and former running back for the Denver Broncos, about the parallels between sport's biggest stage and the battle facing security leaders today, including:
• Seeing the big picture and getting full attack surface visibility
• The importance of deep investigation to drive effective security (and sport) performance
• Balancing an offensive game plan vs. defensive expertise
• Why building and measuring resilience is the key to your success – not only in business or on the football field but in the game of life

Have a question for us? Reach out: hello@esentire.com

Cyber Talks
From the Arena to the Boardroom: Greg Crowley's First 90 Days Blueprint

Cyber Talks

Play Episode Listen Later Feb 7, 2024 27:12


The role of any security leader – be it the CISO, CIO, VP Security, or even Director of Security – is that of a grandmaster in chess. Every move in the first phase sets the tone for the game, and the world of cybersecurity is no different. As a new security leader, your first 90 days can either establish a robust defense against cyber threats or leave your company vulnerable to a myriad of threats.
In this episode, Greg Crowley, Chief Information Security Officer (CISO) at eSentire, joins us to share what new security leaders should focus on within their first 90 days. Key topics of discussion include:
  • What led Greg to join a security firm after a 17-year-long tenure as the VP of Cybersecurity and Network Infrastructure at WWE
  • How security leaders should identify and approach potential allies and resistors within their first 30 days
  • Which security metrics are most valuable, and how leaders should assess their organization's security maturity
  • How to win over the board's trust and get the necessary resources
---
Have a question for Greg? Reach out to us: hello@esentire.com
---
About Cyber Talks
From ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.
About eSentire
eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit www.esentire.com and follow @eSentire.

The CyberWire
Dual Russian cyber gangs hit 23 companies. [Research Saturday]

The CyberWire

Play Episode Listen Later Jan 13, 2024 18:58


Ryan Westman, Senior Manager, Threat Intelligence, eSentire's Threat Response Unit (TRU), is discussing their research "Two Russian-speaking cyber gangs attack employees from 23 different companies." They are using malicious Google ads, promoting popular business software such as Zoom, Slack, and Adobe. The customers targeted are companies in the manufacturing, software, legal, retail and healthcare industries. The attacking threat actors belong to the Russian-speaking Malware-as-a-Service (MaaS) groups called BatLoader and FakeBat. The research can be found here: Two Competing, Russian-Speaking Cybercrime Groups Attack Employees from 23 Companies in the Manufacturing, Software, Legal, Retail, and Healthcare Sectors Using Malicious Google Ads

Research Saturday
Dual Russian cyber gangs hit 23 companies.

Research Saturday

Play Episode Listen Later Jan 13, 2024 18:58


Ryan Westman, Senior Manager, Threat Intelligence, eSentire's Threat Response Unit (TRU), is discussing their research "Two Russian-speaking cyber gangs attack employees from 23 different companies." They are using malicious Google ads, promoting popular business software such as Zoom, Slack, and Adobe. The customers targeted are companies in the manufacturing, software, legal, retail and healthcare industries. The attacking threat actors belong to the Russian-speaking Malware-as-a-Service (MaaS) groups called BatLoader and FakeBat. The research can be found here: Two Competing, Russian-Speaking Cybercrime Groups Attack Employees from 23 Companies in the Manufacturing, Software, Legal, Retail, and Healthcare Sectors Using Malicious Google Ads

The Cybersecurity Defenders Podcast
#86 - Intel Chat: pfSense vulnerability, Gootloader, OilRig & the KV-botnet

The Cybersecurity Defenders Podcast

Play Episode Listen Later Dec 20, 2023 30:18


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Sonar Source are reporting on a few vulnerabilities they have found in pfSense. eSentire's Threat Response Unit launched a multi-pronged offensive against the Gootloader Initial Access-as-a-Service Operation. ESET researchers documented a series of new OilRig downloaders, all relying on legitimate cloud service providers for command and control communications. The Black Lotus Labs team at Lumen Technologies is tracking a small or home office router botnet that forms a covert data transfer network for advanced threat actors. You can make a donation in support of ending domestic violence through Cybersecurity Cares.

The POWER Podcast
149. DOE Competition Helps College Students Prepare for Cyber Jobs in the Energy Industry

The POWER Podcast

Play Episode Listen Later Nov 21, 2023 29:18


There is growing demand for cybersecurity professionals all around the world. According to the “2023 Official Cybersecurity Jobs Report,” sponsored by eSentire and released by Cybersecurity Ventures, there will be 3.5 million unfilled jobs in the cybersecurity industry through 2025. Furthermore, having these positions open can be costly. The researchers said damages resulting from cybercrime are expected to reach $10.5 trillion by 2025. In response to the escalating demand for adept cybersecurity professionals in the U.S., the Department of Energy (DOE) has tried to foster a well-equipped energy cybersecurity workforce through a hands-on operational technology cybersecurity competition with real-world challenges. On Nov. 4, the DOE hosted the ninth edition of its CyberForce Competition. The all-day event, led by DOE's Argonne National Laboratory (ANL), drew 95 teams—with nearly 550 students total—from universities and colleges across the nation. This year the focus was on distributed energy resources including solar panels and wind turbines. “The CyberForce Competition comes out of the Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response, which is CESER for short,” Amanda Theel, group leader for workforce development at ANL, said as a guest on The POWER Podcast. “Their main goal for this is really to help develop the pipeline of qualified cybersecurity applicants for the energy sector. And I say that meaning, we really dive heavily on the competition and looking at the operational technology side, along with the information technology side.” Theel said each team gets about six or seven virtual machines (VMs) that they have to harden and defend to the best of their ability. Besides monitoring and protecting the VMs, which include normal business systems such as email and file servers, the teams also have to defend grid operations and other energy resources. 
“We have a Red Team that's constantly trying to either come into the system from your regular attack-defend penetration. We also have a portion of our Red Team that we like to call our ‘assumed breach,' so we assume that adversary is already in the system,” Theel explained. “The Blue Team, which is what we call our college students, their job is to work to try to get those Red Team members out.” She said they also have what they call “our whack-a-mole,” which are vulnerabilities built into the system for the Blue Team members to identify and patch. Besides the college students, ANL brings in volunteers—high school students, parents, grandparents, people from the lab, and people from the general public—to test websites and try to pay pretend bills by logging in and out of the simulated systems. Theel said this helps students understand that while security is important, they must also ensure that owners, operators, and end-users can still get in and use the systems as intended. “So, you have to kind of play the balance of that,” she said. Other distractions are also incorporated into the competition, such as routine meetings and requests from supervisors, for example, to review a forensics file and check the last time a person in question logged into the system. The intention is to overload the teams with tasks so evaluators can see if the most critical items are prioritized and remedied. For the second year in a row, a team from the University of Central Florida (UCF) won first place in the competition (Figure 1). They received a score of 8,538 out of 10,000. Theel said the scores do vary quite significantly from the top-performing teams to lower-ranked groups. “What we've found is obviously teams that have returned year after year already have that—I'll use the word expectation—of already knowing what to expect in the competition,” explained Theel. “Once they come to year two, we've definitely seen massive improvements with teams.”

AVANT Technology Insights with Ken Presti
Tia Hopkins - SEC Regulations

AVANT Technology Insights with Ken Presti

Play Episode Listen Later Oct 4, 2023 35:45


In our latest Technology Insights podcast, Stephen Semmelroth, Sr. Director of Security at AVANT, dives deep into the new regulations from the SEC (Securities and Exchange Commission) on cybersecurity. Who does that impact from your board? How do these regulations affect you and your business? What are the key takeaways you need to know? Stephen is joined by one of the most preeminent on the subject, Tia Hopkins, Chief Cyber Resilience Officer and Field CTO from eSentire, and together they are answering these questions and more! Listen in and learn with these cybersecurity pros!

The Cybersecurity Defenders Podcast
#68 - Intel Chat: Bumblebee, LockBit Gang, LUC-3, HTTPSnoop, DeadGlyph & Stately Taurus + Alloy Taurus + Gelsemium

The Cybersecurity Defenders Podcast

Play Episode Listen Later Sep 28, 2023 47:17


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Intel471 are reporting on a campaign utilizing Bumblebee, a type of a loader that has increasingly been used by threat actors affiliated with ransomware. eSentire are reporting on several attacks conducted by the Russia-linked LockBit Gang. Permiso reporting on LUC-3 who overlaps with Scattered Spider. Cisco Talos has discovered a new malware family they have dubbed HTTPSnoop being deployed against telecommunication providers in the Middle East. WeLiveSecurity have stumbled upon a previously unknown backdoor being deployed in the Middle East that they have named DeadGlyph. Unit42 have started investigating a series of espionage attacks targeting a government in Southeast Asia. LimaCharlie's Office Hours, where we break down some TTPs in-depth, take place every Friday at 9.00 AM PT / 12.00 PM ET. You can find more information here: limacharlie.io/office-hours
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.

Cybercrime Magazine Podcast
Cybercrime In 2023. Top Threats From Phishing To Ransomware. Greg Crowley, CISSP, CISM, eSentire.

Cybercrime Magazine Podcast

Play Episode Listen Later Sep 11, 2023 16:17


Greg Crowley, CISSP, CISM is the Chief Information Security Officer at eSentire. In this episode, Greg joins host Steve Morgan to discuss the current state of cybercrime, including some of the top threats, such as phishing and ransomware, how AI and ChatGPT fit into the landscape, and more. To learn more about our sponsor, eSentire, visit https://esentire.com

The Conference Room with Simon Lader
Ep. 120 - "How Effective Sales Engineering Can Scale Your Business!" with Sean Blenkhorn

The Conference Room with Simon Lader

Play Episode Listen Later Sep 4, 2023 36:14


In this week's episode of The Conference Room we welcome Sean Blenkhorn, the Vice President of Worldwide Sales Engineering at Axonius, a leading cybersecurity vendor. With over two decades of experience in diverse organizations like Symantec, Canadian Bank CIBC, and eSentire, Sean is one of the authorities of Sales Engineering in the cybersecurity sector. Join us as we dive into the intriguing world of "pre-sales", and explore its critical role in bridging the gap between technology and sales. KEY TAKEAWAYS FROM THIS EPISODE Defining Sales Engineering: Sean starts our conversation by providing insights into the role of a sales engineer, emphasizing their responsibility in helping customers understand the technical aspects of solutions and products. Tune in at [00:01:12] to get a clear understanding. Technical Expertise vs. Sales Skills: At [00:03:25], the discussion delves into the distinct qualities required in a sales engineer, balancing technical expertise with effective communication and relationship-building skills. Supporting Account Executives: Learn how sales engineers work closely with account executives to tailor solutions to customer needs. Sean highlights this collaborative nature at [00:05:42]. Trust and Relationships: Discover how a deeper level of trust often develops between customers and sales engineers, leading to more meaningful interactions and understanding. Join us at [00:07:58] for this insightful discussion. Traits of a Good Sales Engineer: Sean outlines the qualities that make a successful sales engineer, including passion for the industry, agility in working with diverse teams, effective communication, and a hunger for learning. Hear more at [00:10:20]. Transitioning to Leadership: The challenges and rewards of moving from a sales engineer to a leadership position are explored at [00:12:45], underlining the shift from individual contributions to team development and culture building. 
THIS WEEK'S GUEST - SEAN BLENKHORN Sean Blenkhorn, Vice President of Worldwide Sales Engineering at Axonius, boasts over 20 years of industry experience across diverse sectors. With roles in renowned organizations such as Symantec, Canadian Bank CIBC, and eSentire, Sean has acquired a deep understanding of both cybersecurity and effective sales strategies. His proficiency as an advisor to early-stage vendors underscores his credibility in guiding technological solutions to success. Since 2021, Sean has steered Axonius' global sales engineering team, showcasing his exceptional leadership and commitment to bridging the gap between technology and sales for optimal customer solutions. Join us as we delve into the remarkable journey of this industry veteran. You can learn more about Sean by visiting his LinkedIn profile. You can learn about Axonius by visiting their website.
YOUR HOST - SIMON LADER Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and lead generation coaching company Flow and Scale. Since 1997, Simon has helped cybersecurity vendors to build highly effective teams, and since 2022 he has helped people make money from podcasting. Get to know more about Simon at: Website: https://simonlader.com/ Twitter: https://twitter.com/simonlader LinkedIn: https://www.linkedin.com/in/headhuntersimonlader
The Conference Room is available on Spotify, Apple Podcasts, Amazon Music, iHeartRadio, and everywhere else you listen to podcasts!

Cybercrime Magazine Podcast
Managing The Ecosystem With e3. Buying & Spending In Cyber. Bob Layton & Rahul Bakshi, eSentire.

Cybercrime Magazine Podcast

Play Episode Listen Later Aug 3, 2023 15:03


Managing the Ecosystem With e3 is a Cybercrime Magazine podcast series brought to you by eSentire, the Authority in Managed Detection and Response. In this episode, host Charlie Osborne is joined by Bob Layton, Chief Channel Officer at eSentire, and Rahul Bakshi, Chief Product Officer for eSentire. Together, they discuss the buying habits and spend prioritization of organizations and end-users in cybersecurity. eSentire's mission is to hunt, investigate, and stop cyber threats before they become business disrupting events. To learn more about our sponsor, visit https://esentire.com

Cybercrime Magazine Podcast
Managing The Ecosystem With e3. MDR, MXDR, & IR. Bob Layton & Rahul Bakshi, eSentire.

Cybercrime Magazine Podcast

Play Episode Listen Later Aug 1, 2023 15:06


Managing the Ecosystem With e3 is a Cybercrime Magazine podcast series brought to you by eSentire, the Authority in Managed Detection and Response. In this episode, host Charlie Osborne is joined by Bob Layton, Chief Channel Officer at eSentire, and Rahul Bakshi, Chief Product Officer for eSentire. Together, they discuss managed detection and response (MDR), managed extended detection and response (MXDR), and incident response (IR). eSentire's mission is to hunt, investigate, and stop cyber threats before they become business disrupting events. To learn more about our sponsor, visit https://esentire.com

The Cybersecurity Defenders Podcast
#38 - Intel Chat: Donut, Agrius, Kimsuky, Pikabot, QBot & the Gootloader Initial Access-as-a-Service Operation.

The Cybersecurity Defenders Podcast

Play Episode Listen Later Jun 1, 2023 45:04


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. FortiGuard Labs encounters a kernel driver that makes use of the open-source donut tool. Check Point researchers observe Iranian threat actor Agrius operating against Israeli targets. SentinelOne notes changes in the ongoing campaign by Kimsuky. Microsoft uncovers stealthy malicious activity aimed at critical infrastructure in the United States. Zscaler ThreatLabz reporting on Pikabot, a new malware trojan. Bleeping Computer reporting that the QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program. eSentire launches a multi-pronged offensive against a growing cyberthreat: the Gootloader Initial Access-as-a-Service Operation.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.