Evolving Technology Solutions to Meet Changing Customer Demand for Managed Threat Response

Cyber technologies have evolved significantly in recent years to meet changing customer requirements for earlier detection, faster response, improved automation and better integration. Machine Intelligence has helped deliver product improvements whilst a greater focus on threat intelligence and hunting has resulted in a more proactive approach to cyber security. The resulting Managed Detection and Response (MDR) market has grown to meet the requirement for real-time monitoring, threat notification and incident response. Small to Medium Size Businesses (SMBs) that do not have the resources for threat hunting, and larger enterprises seeking to augment or improve existing capabilities, benefit from MDR.


Understanding the challenges facing your customer and responding quickly with product upgrades, new solutions and value-added services is a key requirement in the cyber security market where selling a differentiated product or service is notoriously difficult. Sophos understood the need for Managed Threat Response (MTR) and has evolved to meet changing requirements.


Founded in 1985, Sophos is a well-known player in the cyber security industry and a strong partner to organizations ranging from SMBs to large enterprises through its extensive channel partner network. Staying competitive in a dynamic market requires an organisational culture responsive to change and a commitment to product evolution. At the heart of Sophos is a commitment to innovation and continual improvement, and this has resulted in an expanding portfolio including Intercept X for endpoint security, XG Firewall and Cloud Optix. There is also a focus on delivering new customer value through investing in machine intelligence capability, resulting in 37 machine learning models in use by the end of 2020, including detection of popular document formats, malicious URLs, and Business Email Compromise (BEC). The focus on delivering new value to customers is encapsulated by Cybersecurity Evolved, the threefold Sophos strategy – Predictive, Adaptive and Synchronized. Predictive reflects the strengthening customer requirement for a proactive response to security whilst Adaptive enables an organisation to react quickly to threats and change policies. Synchronization is a Sophos differentiator – the communication between endpoints and the firewall to ensure a coordinated and quick reaction to any malware or ransomware that is identified.


Combining Intercept X with capabilities gained through the strategic acquisitions of the DarkBytes Security Orchestration and Automation Response (SOAR) platform and the managed detection and response skills and capabilities from Rook Security, Sophos has created Managed Threat Response to meet the customer requirement for proactive cyber security that fuses machine learning technology with human-led analysis. The service has a level of customisation, known as Response Modes, to ensure that each customer can select the service that is aligned with their existing capability. “Notify” provides an alert-only service for organisations with the internal capability and staff to respond to threats themselves, “Collaborate” is a hybrid approach that delivers support to internal staff, whilst “Authorize” permits Sophos to manage the whole threat response process.


The Sophos Next-Gen security portfolio, including MTR, has grown quickly from $9m in 2015 to $351m in 2019, demonstrating the organisation's ability to introduce new services to both existing and new customers. Sophos’ Next-Gen Firewall and Endpoint security capability, combined with Managed Threat Response, offers businesses an affordable, integrated security solution designed to reduce organisational risk and expense.


Gain further insight into cyber technology trends and the market outlook through WA's new "Cyber Security Market Analysis"



© 2019 by Westlands Advisory Ltd
