Category: Sophos

Today, we’re excited to announce two new appointments to our senior sales leadership team. Erin Malone has been promoted to senior vice president of sales for Americas, and Kevin Isaac has joined Sophos as senior vice president of sales for Europe, Middle East and Africa (EMEA).

“Erin and Kevin are strategic additions to the Sophos senior leadership team, and their decades of expertise will be pivotal in helping partners evolve their security strategies to defend against today’s persistent attackers,” said Michael Valentine, chief revenue officer at Sophos. “There is tremendous opportunity for partners worldwide to leverage our strong portfolio of next-generation cybersecurity solutions and managed threat hunting and response services to protect their customers as they adapt to the constantly changing threat landscape and needs of remote and onsite workers. Both Erin and Kevin recognize this and are dedicated to supporting partners in their respective regions.”

Malone is an accomplished, award-winning sales executive with more than 20 years’ experience leading high-achieving sales teams and developing strategic partner relationships in the cybersecurity industry. She has risen the ranks at Sophos following a successful position as vice president of sales for North America, where she created and led Sophos’ Partner Advisory Council (PAC). She joined Sophos in 2015, and is based in the U.S.

“Erin has already made great impact on our Americas region, is well-respected in the industry, and has strong relationships within the Sophos partner community. We are excited for Sophos’ future under Erin’s executive leadership,” said Valentine.

Isaac brings more than 25 years of cybersecurity sales leadership to Sophos, and most recently served as chief revenue officer at Forcepoint. He is known for inspiring and managing high-performing teams, and has considerable experience in driving business growth, operational excellence and year-over-year results, particularly in EMEA. Isaac is based in the U.K.

“We are thrilled Kevin has joined Sophos to expand our already strong growth path in the EMEA market. He is a well-respected international sales executive within cybersecurity, and his wealth of experience will benefit partners and customers as Sophos continues to innovate and lead the industry,” said Valentine.

The use of cloud services has soared this year, with 97% of business decision-makers saying that COVID-19 has sped up digital transformation and the use of cloud services at their companies. Organizations that haven’t embraced cloud already are likely to have it on their roadmap.

Speaking with over 3,500 IT Pros in the Sophos State of Cloud Security report, 70% of organizations already hosting data and workloads in the public cloud have reported security incidents in the last 12 months.

At Sophos, we want to help organizations identify and respond to these cloud threats faster, wipe out potential breach points, and optimize cloud spend. You can now do that for free with Cloud Optix on AWS Marketplace.

The free cloud security posture management tool

Cloud Optix, the Sophos cloud security posture management tool, protects Amazon Web Services, Microsoft Azure, and Google Cloud Platform environments. It continually monitors cloud service configurations, and detects suspicious activity, insecure deployments, and over-privileged IAM roles – all while helping optimize your cloud costs. Simply put: it stops potential cloud environment breach points before they are detected and compromised.

Monitor 25 cloud assets for free via AWS Marketplace

Sophos now provides customers with the ability to monitor 25 cloud assets absolutely free. To activate, sign up via the Cloud Optix AWS Marketplace listing, then once logged into your Cloud Optix account, simply activate the free tier from the top right corner of the Cloud Optix dashboard.

How the Cloud Optix free tier works:

• Customers are able to monitor 25 cloud assets for free (see how Cloud Optix counts assets)
• This is an optional free usage tier. To activate, customers should sign up via the Cloud Optix AWS Marketplace listing, then once logged into their Cloud Optix accounts, simply activate the free tier from the top right corner of the Cloud Optix dashboard as shown above.
• Once activated, customers will only be billed for usage that exceeds this limit.

Start protecting your public cloud environments today

Risk-free setup

No downloads are required. Cloud Optix is an agentless, SaaS-based service that’s simple to set up, with read-only access to cloud environments. For help configuring the service, visit the Cloud Optix online help guide.

For more information about our cloud security posture management solution, visit the Cloud Optix page on the Sophos website.

Note: Customers signing up for Cloud Optix via AWS Marketplace will manage the product from a standalone console, providing all the functionality available for Cloud Optix via Sophos Central.

Managing all your cybersecurity products through the Sophos Central platform has proven to be a real time-saver when it comes to day-to-day admin tasks.

I recently spoke with two customers based in Eastern Europe who are both running Sophos next-gen cybersecurity systems managed through Sophos Central.

They explained how this approach has reduced their day-to-day security management workloads and allowed their small teams to maximize their impact.

---

Long-time Sophos customer makes the leap to Sophos Central

The first customer, a public sector organization in Slovenia, has been a Sophos customer for many years. A team of three people manage security for the organization’s 150 employees.

They recently switched from Sophos’ on-premises solutions, including endpoint protection managed through Sophos Enterprise Console (SEC), to next-gen products managed through the Sophos Central platform.

They now run a full next-gen cybersecurity system, including Sophos Intercept X endpoint and server protection, device encryption, and a Sophos XG Firewall.

Day-to-day security management cut in half

The team has seen a 50% reduction in time spent on day-to-day security management since moving to Sophos Central-managed solutions.

They now spend only 15-30 minutes each day on security admin – checking the firewall, looking at alerts, and cleaning up the email quarantine. All of this took twice as long before moving to Central.

“Previously we would send at least twice as much time on admin each day.”

They attribute the time saving to the admin-friendly platform. They can see and manage their entire environment in one place and no longer need to switch between applications and servers.

Protection remains strong and they haven’t had a single major incident since using Sophos products.

---

Evolving threats requires evolved protection

The second customer I spoke with is also a public sector organization – this time in Belgrade, Serbia. Within the IT team of 10, four people focus on cybersecurity, protecting the organization and its 300 staff from the latest threats.

They’ve been a satisfied Sophos customer for a long time, using multiple Sophos products without a single major security incident in the past eight years.

As threats and technologies have continued to evolve, so has their protection. The team recently made the switch to Sophos next-gen products.

They now run a full next-gen cybersecurity system, including Sophos Intercept X endpoint, server, and mobile protection, Sophos email security, and Sophos XG Firewalls – all managed through the Sophos Central platform.

Next-gen solutions cut IT admin time to 30 minutes

Previous Sophos products were still far ahead of the competition – day-to-day security admin would take this customer just an hour compared to what they estimate would be a whole day’s work with other vendors.

Switching to Sophos Central-managed solutions cut that admin time by a further 50%.  Now, they spend only 30 minutes a day keeping on top of their security.

Meanwhile, their end users remain unaware of the security solutions that are protecting them while they work. Intercept X runs quietly in the background, keeping users from unsafe websites, unobtrusively and automatically.

---

See it in action

Both organizations had found success with Sophos for many years. Upgrading to a unified, cloud-based management system has further increased efficiency and enabled them to dedicate more time to other projects – all while continuing to provide the same reliable protection they had come to expect.

Check out this demo video to see just how easy day-to-day security management is with a Sophos system.

Want to try the system for yourself? The easiest way is to start a free trial of one of our products.

And for anything else, or to discuss your own challenges, the Sophos team is here to help.

Ninety-seven percent of business decision-makers say that COVID-19 has sped up digital transformation and the use of cloud services at their companies*.

Customers may have a carefully mapped out strategic plan for cloud migration, or circumstances beyond their control such as Covid-19 may have caused them to rethink and move faster than they’d have anticipated. Either way, organizations all have a common goal: to optimize IT and security costs.

And it’s no different for cloud infrastructure. That’s why Sophos is helping organizations to answer the question: “How can I optimize AWS and Azure costs?”

They can achieve their goals with Cloud Optix, which provides a new range of cost optimization tools that allow customers to ensure security and compliance of cloud infrastructure, while also saving money on AWS and Azure service costs – all in a single Cloud Optix subscription.

Available for new and existing customers from launch, Cloud Optix will help organizations:

• Optimize AWS and Azure infrastructure costs in a single console
• View comprehensive daily and monthly costs, along with intuitive filters to provide analysis of individual cloud environments, services, and regions with ease
• Track spend for multiple services side by side on a single screen to improve visibility and reduce wasted spend
• Identify unusual activity indicative of abuse, highlighting top services contributing to spend with customizable alerts
• Receive detailed independent Sophos recommendations to optimize AWS costs, and integrate with both the AWS Trusted Advisor and Azure Advisor services within the Cloud Optix console
• Compare monthly analysis of granular changes to service spend with clear executive summaries

Helping you focus your teams

We’re so confident in our technology that the team at Sophos uses Cloud Optix to protect the Amazon Web Services environments used to host Sophos Central itself – a cloud security platform trusted by over 150,000 customers. And a primary reason is that Cloud Optix shows them where to focus attention in order to proactively stop any potential breach points before they happen – an approach which is carried through to spend monitoring.

Cloud Optix helps SecOps and DevOps teams focus on and fix their most critical security vulnerabilities before they are identified and exploited in cyberattacks. It provides a complete picture of your cloud assets across multi-cloud environments by monitoring costs, detecting insecure cloud configurations and deployments, and detecting access anomalies, over-privileged IAM roles, and compliance failures from the development cycle through to the ongoing security of live cloud services.

Find out how much you can save

Cloud Optix is part of our complete portfolio of cloud security products and services, including EDR, MTR, Firewall, CWPP, CSPM, and SaaS email security. You can start a trial and find out more about Cloud Optix here.

* Source: Raconteur http://rcnt.eu/ixkrd

COVID-19 has phenomenally altered the way healthcare functions, with growing adoption of telehealth and remote patient monitoring. The threat landscape in healthcare, too, has become fertile ground for phishing campaigns, malware, ransomware, breached patient records, and other cyberattacks on healthcare systems – all with far-reaching consequences.

According to Interpol, COVID-19 has led to shifts in targets from individuals and small businesses to government and critical health infrastructure. Security agencies in the U.K. and U.S. have unsurfaced targeted efforts against the healthcare, pharmaceutical, academic, and research industries tasked with providing uninterrupted patient care to infected people and in coronavirus vaccine research.

The healthcare sector is highly vulnerable today. Amidst one of the worst healthcare crises to have hit mankind, attackers are unflinchingly exploiting conditions like increases in teleworking – many with little or no prior experience and planning – fear and anxiety among the general masses, and an overworked and distracted medical workforce. Failure of healthcare systems can have dire consequences: failures to order drugs, schedule operations, or make ambulances available on time during emergencies.

In the fight against the pandemic, most countries rapidly rolled out virtual patient consultations using telehealth services in an effort to reduce physical contact to help prevent the spread of the disease. These services make use of remote access systems – which also means that every device and connection acts as a way into the healthcare system.

Given these unprecedented circumstances, the Office of Civil Rights (OCR) exercised enforcement discretion and announced that, during the pandemic, it will not impose penalties for noncompliance with HIPAA regulations against providers leveraging telehealth platforms that may not comply with privacy rules. This is giving hackers more leverage to deploy data breaches, ransomware attacks, EHR snooping, phishing attacks, and more.

Furthermore, to accommodate the rapidly rising numbers of infections and to support existing healthcare infrastructure, many countries around the world have had to create temporary COVID-19 facilities to house infected patients. Since these facilities are created in a hurry and the priority is to deliver patient care, security becomes a lower priority, with many crucial steps to protect networks and devices overlooked.

This, in turn, leads to weak spots in networks that are easily exploited by malicious actors. The Department of Health and Human Services has reported that between the months of February and May of this year, there have been 132 reported breaches. This is an almost 50% increase in reported breaches during the same time last year.

A result of the pandemic has also been a significant increase in the amount of patient health data stored by the government and healthcare organizations. Personal data like daily health parameters, co-morbid health status, insurance providers, as well as tracing all contacts who come in contact with an infected person can be exploited for identity theft and sold for a high value on the dark web.

Contact tracing and tracking apps are another source of privacy concerns. Sometimes patients’ medical history data needs to be sourced and transferred from regular hospitals to temporarily-created facilities, which happens over less secure technology. This puts hospitals and healthcare organizations at risk of “spray and pray” attacks by cybercriminals.

Fortified’s mid-year report found that 60% of healthcare breaches from the first half of 2020 were caused by a malicious attack or IT incident, rather than insiders. Email compromises have been the most common attack vector to gain access to healthcare networks and steal patient data during the pandemic. Fortified explained that these attacks are often executed by phishing campaigns used to drop malware or ransomware, which have remained prevalent throughout the crisis.

Given the scenario today, a focus on cybersecurity basics continues to be more important than ever. Organizations, especially in healthcare, must focus on email security and training. Users must be educated and tested with simulated phishing attacks and security awareness training. This creates both a positive security awareness culture and decreases the probability of users falling for attacks.

Network segmentation is another way organizations can limit or restrict communication between devices and systems that are critical to maintaining medical services. Today, when IT is already overwhelmed or understaffed, managed threat response services can help back up security operations by ensuring 24×7 threat hunting, detection, and response as well.

Visit Sophos.com/Healthcare to learn more.

As we enter the final month of the 2020 U.S. presidential race, election security and fraud is top of mind for many. With the memory of the 2016 Podesta breach still fresh, we are a nation braced for cyber-attack impact. 

Experts agree that, while countless security improvements have been made since 2016, we should expect more vigorous phishing attacks, data theft, ransomware, and disinformation efforts in the coming weeks. And while legions of cyber security professionals work around the clock to protect this apparatus of our democracy, we must all be vigilant to defend against foreign adversaries or domestic actors who seek to sow chaos or tamper with election outcomes. The truth of the matter is that election security extends far beyond the political organizations themselves. 

For years, Yubico has worked closely with state, local, and federal governments — recently in partnership with Defending Digital Campaigns (DDC) and Microsoft AccountGuard  — to secure everything from bi-partisan campaigns to candidates’ email accounts with the YubiKey. Based on this extensive work to safeguard democratic electoral processes, there are three observations that underscore the pressing need for all of us — every business, every individual — to play a role in securing elections and re-infusing trust into our democratic process: 

The conditions are perfect for phishing season 

Hackers thrive on fear, anxiety, and confusion. They leverage these emotions to facilitate social engineering attacks. When emotions are running high, people are more likely to fall for a phishing attempt. To put it another way, they’re less likely to stop and question the authenticity of an email or text message before clicking on a link or offering up their credentials. This year, fear, anxiety, and confusion are in bountiful supply, making the conditions perfect for phishing. 

Politically-motivated hackers exploit unsuspecting targets 

In a phishing attack, a hacker can turn almost anyone into a weapon for use in their mission — whether that’s to help a particular candidate or simply cause unrest. 

Take the latest Twitter breach for example. According to WIRED, hackers sent out thousands of phishing emails and phone calls to Twitter employees in an effort to gain access to accounts of well-known and influential users. The consequences of such an account takeover in the final days of an election campaign could be catastrophic. Even if the breach were recognized immediately, the damage would be almost impossible to contain. 

In Twitter’s case, the company has focused intently on minimizing the chances of such an attack happening again — an exemplary effort that we would encourage other companies to mimic. Among other measures, the company recently announced it is rolling out phishing-resistant security keys. 

Hackers can work their way from account to account in order to get closer to their target. For example, they might target an individual that is a friend of someone who works at a large, influential company, or target a campaign volunteer instead of the campaign manager. Ultimately, their final target could be anyone whose identity can be used to influence public sentiment.  

Private companies see an increase in hacktivist threats

Experts report that private companies are seeing an increase in hacktivist threats in the run-up to the election. Media organizations, universities, and nonprofits are all at risk due to their profiles and roles in influencing the public, but almost any business could serve a purpose for a politically-motivated hacker. 

The recent SendGrid breach illustrates this well. SendGrid customers distribute large volumes of email with a high delivery rate. If those account credentials get into the wrong hands, it’s easy to see how they could be used to deliver political disinformation to millions of voters, opposing candidate campaign members, or media organizations.  

“Given the current climate in the U.S. and the amount of activism going on, I think it’s fair to assume that hacktivism activity would parallel community-level activities, since the web is just an extension of activities in real life,” said Michael Kaiser, president and CEO of Defending Digital Campaigns, and former executive director of the National Cyber Security Alliance in a recent SC Magazine article. “I fully expect disrupting a campaign, person or organization viewed as an opponent — in order to convey a message or do greater harm — would be part of the hacktivism playbook.” 

The message is clear: any individual, in any organization can be an accessory to an attack. That’s why every organization — political or not — must ensure it is authenticating every user. Passwords are too easy to steal, while basic two-step authentication can be vulnerable to phishing and man-in-the-middle attacks. Making strong authentication available at scale, with physical hardware keys like the YubiKey, is a trusted way to ensure the identity of every user at every login point. 

The stakes are high — we must do all we can collectively to protect individuals, protect organizations, and protect democracy.

We are proud to announce that Sophos has been ranked 10^th in the UK’s annual Sunday Times PwC Top Track 250, which recognizes the most successful private mid-market companies in the UK.

This year’s list is a special COVID-19 edition that also aims to highlight the challenges faced and contributions made by mid-market companies during the pandemic. It is Sophos’ third appearance in the list since 2011, and the first time it has been placed in the top 10.

Commenting on the news, Kris Hagerman, CEO of Sophos said:

“It is a particular honor to achieve our highest ever ranking in a year that recognizes not just our commercial performance, but also our support for others during the pandemic. Our next generation security technologies and free tools helped protect organizations as they worked remotely, while our threat researchers and data science teams have advanced our industry-leading capability to identify and block cyberthreats of all types, which sadly have proliferated during this challenging and turbulent period.”

In 2020, cybersecurity became more critical than ever as the pandemic took hold across the world and organizations rushed to enable employees to work from home and to keep things going as normally as possible.

Cyber-attackers were quick to target newly vulnerable environments and exploit global anxiety about the virus.

Through our centrally managed, intelligent and synchronized security solutions, we helped organizations to transition securely to remote, virtual working environments. We also increased free access to some of our solutions to further protect remote workers.

Alongside this, our SophosLabs researchers regularly uncovered and reported on evolving COVID-19 themed attacks and ransomware targeting newly vulnerable IT infrastructures and employees.

However, for us 2020 was not just about what we could do for our customers. We wanted to unite the industry, to encourage collaboration and increase the speed of response to such threats. Our researchers set up the COVID-19 Cyber Threat Coalition (CCTC), where thousands of private and government organizations have come together to fight COVID-19 cyberattacks.

Further details of the Sunday Times PwC Top Track 250 can be found at Fast Track.

Minecraft or math lessons: which one could be the cause of your company’s…

Scroll to top

How NIST and eIDAS revisions are shaping the future of e-identification

Scroll to top