Closing the gaps on IT security
Harish Chib, VP for Middle East & Africa at Sophos on how the company is working to close gaping security holes in networks
Despite all the security solutions in the market, cybercriminals still manage to find vulnerabilities. Where are the weak points?
Over a period of years, new security generations emerged, yet, all of them failed to make security simpler and cohesive. If we juxtapose this with how adversaries have evolved then we see that they are working in concert; they have what security solutions lack, and that is context. Moreover, a biased focus on external threats and known risks made enterprise perimeter porous and users, devices and data increasingly vulnerable. Recent data breach incidents have revealed how insider risks and unknown threats feast on these security gaps.
Today’s hacker is a skilled adversary, and that enemy has managed to stay ahead of the curve. This adversary won’t attack a firewall, instead he will drill a hole through latent vulnerabilities in security design or applications or servers or devices and also users. Also it’s easier to hack a human mind than hacking a firewall. This is where we are observing how end-user and endpoint risk is dramatically going up. And to add to this fact, cyber-crime is just as organized as any other market.
What needs to be done then?
For years, security design has remained monolithic, isolated and devoid of contextual information. This cannot be fixed overnight. Secondly, advent of third-platform technologies has resulted in rapid acceleration of IT and Network integration, warranting a new security architecture and approach, however, not much has happened there.
What does Sophos do differently?
With a roadmap focused on the Cloud, Sophos delivers comprehensive IT security to protect networks, servers, data and devices for a rapidly expanding mid-market and global channel. The competition is trying to be all things to all people – attempting to deliver solutions to everyone from the consumer to a Fortune 100 – and they’re taking a point-product approach. We’re different in our mission to supply complete security (as opposed to a piece by piece point product approach) in a simple, easy to deploy platform.
Our Sophos Security Heartbeat takes a big step in next-generation security. Security Heartbeat links network security technology with endpoint security technology together in a coordinated and integrated approach. This is synchronised security designed to deliver both better protection and better manageability for organisations of any size.
Describe some of your biggest successes in the region?
In the past couple of months, we took a series of initiatives to deepen our MEA presence and bring more innovative security solutions and region specific threat research findings. Key highlights include launch of Sophos Clean, which is a next-generation, signature-less malware detection solution; then we also brought Sophos Email Appliance with Next-Generation Sandboxing technology to help MEA customers reduce the risk of phishing, targeted scams and sophisticated threats. We also conducted a security research on designer geo-malware, revealing how attackers are able to localize malware attacks, launch ransomware and money-laundering cybercrime campaigns and still manage to fly under the radar.
Lately, adding to our partner enablement commitment, we announced new Sophos MSP Connect Partner Program, bringing Synchronised Security benefits to MSP partners and resellers who wish to move up the chain and emerge MSPs. In addition, to facilitate our partners with ease of business and simplified security management, we announced the availability of Sophos Central platform, which brought Synchronized Security Management for partners and security administrators.
What are your regional goals for the rest of the year and beyond?
A growing number of regional customers continue to choose Sophos due to shifting threat landscape and transforming networks. They see Sophos as a committed partner that has all the answers for security and that is what matters, including network, end-users, data, IT infrastructure and devices. To this end, we also have plans afoot to augment our channel operations, expand local presence and reach more customers through differentiated security innovations.