The role of any security leader, be it the CISO, CIO, VP Security, or even Director of Security, is that of a grandmaster in chess. Every move in the first phase sets the tone for the game, and the world of cybersecurity is no different. As a new security leader, your first 90 days can either establish a robust defense against cyber threats or leave your company vulnerable to a myriad of threats.
The CISO is evolving to become a key player in the boardroom who governs cyber risk management, builds organizational resilience, and influences business outcomes. CISOs are now pivotal in defending against advanced cyber threats, adhering to compliance requirements, and ensuring that the business stays ahead of disruption. If you’re joining as a new VP or Director, you may report to a CIO, who is then responsible for reporting to the board.
As a CISO with 20+ years of experience, I've learned how to balance the immediate need to protect against the strategic foresight required to anticipate cyber threats. It’s not an easy job, but the first 90 days can set the tone of how much buy-in you’ll get from your leadership team, the challenges you’ll face, and how you’ll overcome them.
Let's dive into the critical phases that mark the beginning of a security leader’s tenure.
The first month is about laying groundwork — not just in understanding technical systems, but in grasping the human element of the organization. Forging strong relationships within the company is as critical as understanding the architecture of the network.
During this time, it’s critical that you get to know everyone on the security team as well as the key players at all levels of the company and make sure they understand you’re their partner. This includes the developers, the engineers, and those who have been at the company for a long time who can give you the real lay of the land.
It begins with a series of deliberate meet and greets. I start at the top, understanding the perspectives and expectations of the leadership, then work my way through the ranks. This isn't about learning names and titles; it's about discovering allies, potential resistors, and the informal power structures that dictate how things really get done.
Take the time to learn each team member’s responsibilities, how they assess success, their levels of knowledge and skillset (e.g., soft vs. technical), and where the security expertise gaps might be.
Every security leader must deeply understand the business mission and goals. In these discussions, I listen for what's said and what's not — gauging what keeps stakeholders up at night. This helps tailor the security program to safeguard your company's interests effectively.
The key here is to make yourself visible, set up open lines of communication, and solve other leaders’ challenges. So, try to understand your department’s goals and missions, long-term priorities, and how the IT/security function can help other leaders achieve their business goals.
Risks are not just digital — they're operational, reputational, and strategic. I ask pointed questions to find the main risks as perceived across the organization, setting the stage for a comprehensive risk assessment process.
With relationships established and a preliminary understanding of the business, it's time to assess the current state of cybersecurity at your organization.
During this time, I’m focused on understanding the current operating model for the security function: the strategic goals and corresponding tactical initiatives, whether the security program is proactive or reactive, any specific cybersecurity frameworks we align with, and whether there’s a security committee that helps the overall strategy remain on track.
First, I comb through our policies, procedures, and standards to understand our posture and pinpoint areas for improvement. I’m looking to answer the following questions:
Next, I take the time to understand the frequency and metrics for security reporting to the CEO and board. This gives me insight into the organization's security maturity — what metrics are valued, whether the metrics are at the right level (vs. being too operational), if the metrics are understood well, and how aware the company is of its security posture.
I also take the time to evaluate whether the operating model of the security team is aligned with the security stakeholders (i.e., the CEO and board members) and make sure it’s collaborative with the business. In other words, how are other departments prioritizing internal cybersecurity awareness and adhering to policies and practices?
The risk register often reveals the pressing issues that need immediate attention: Are there any ticking time bombs? Past breaches or significant incidents that were mishandled? Any failed audits? These findings are crucial for finding gaps within the security program, prioritizing the course of action, and setting your team on the path to resolving the gaps effectively.
For that reason, review the latest cyber risk assessment and audits conducted, and if there are no recent ones, prioritize conducting a cyber risk assessment. At this time, you also need to identify the threshold for an acceptable amount of risk and tailor it to your organization’s overall risk tolerance. Use peer benchmarking to figure out how security can balance risk based on your industry expectations as well.
Given that users are the weakest link in any security program, one of the most crucial things to look out for is the organization’s security IQ. That is, how much cybersecurity awareness does every single employee have and how are they prioritizing staying ahead of cyber threats?
To determine the security IQ, ask the following:
Translating assessments into a coherent strategy isn't just about fixing what's broken; it's about setting a vision for the future of cybersecurity within your organization. As such, the final phase of the first 90 days is about translating assessments into a coherent cybersecurity strategy.
Security is a team sport, and everyone needs to know their position on the field. I clarify roles and responsibilities across the team to ensure a cohesive effort in protecting our digital and physical assets. If you need to work with your team to adjust their roles based on skillsets, take the time to do so.
I actively define these roles, not just in terms of job descriptions but in the context of our overall security posture. This means ensuring that everyone knows the part they play in incident response, the importance of adherence to policy, and the necessity of ongoing vigilance. It's about creating a framework where responsibilities and accountability are clear, empowering team members to act decisively and proactively.
With identified gaps, I develop a mission statement that includes the priorities of our security program and a roadmap that not only addresses immediate deficiencies but also aligns with the long-term vision of the organization. This roadmap is a living document that not only provides a clear direction but is flexible enough to adapt to the rapidly changing threat landscape.
It includes immediate actions to address critical vulnerabilities and a phased plan for advancing our security maturity. It’s designed to align with the organization's long-term vision, incorporating industry best practices, and compliance requirements while supporting overall business growth.
As you develop the roadmap, make sure you address the following:
Once you’ve created your mission and roadmap, make sure you socialize, communicate, and negotiate with your stakeholders for what’s needed to put the plan into action.
Presenting to the board is more than a formality; it's about winning trust and securing the resources necessary for implementation, so it’s the most critical step you’ll take in the first 90 days. The goal is to leave the board not only informed but also assured that the proposed strategy will lead to a more resilient and secure organization. As a result, this is where you’ll secure the mandate and the resources to implement the strategy.
Here, I articulate the value of cybersecurity not as a cost center but as a business enabler. It's my opportunity to show how a strong security posture can be a competitive advantage and prove how strategic investments in cybersecurity can reduce cyber risk, protect the brand reputation, and ensure business continuity.
The presentation is crafted to resonate with the board's priorities, translating technical risks into business impacts, and outlining a clear, actionable strategy that includes not just technical measures but also awareness training, culture change, and process improvement.
The first 90 days as a new security leader are intense and demanding, but they're also incredibly rewarding. This period sets the stage for the type of leader you’ll be and how you’ll enable the business to grow by keeping cybersecurity top of mind.
By listening, assessing, and strategizing efficiently, you can secure not just systems, but also the confidence of the team and the trust of the board, which are essential ingredients for any successful security leader.
Greg Crowley is an accomplished executive with over 20 years in Information Technology and Cybersecurity with extensive experience in managing enterprise security and mitigating risk for global hybrid networks. Greg believes that as a leader in the cyber world, being able to communicate and execute a strategic vision to defend and protect is the most important part of his role. Prior to joining eSentire, Greg oversaw the overall cybersecurity function as Vice President of Cybersecurity and Network Infrastructure at WWE (World Wrestling Entertainment). He spent over 17 years in various leadership roles across engineering, infrastructure and security within that organization. Greg holds a Bachelor's degree from Queens College. He is a Certified Information Security Manager (CISM) and a Certified Information Systems Security Professional (CISSP).