Warding off threats with compliance in the cloud
Martyn Brownlie, channel director for Sophos UK and Ireland, says that the online security industry is “much more mature”. “As-a-service models from traditional vendors have driven that, so that’s one of the big changes that we had to adopt.”
As manager of the UK and Ireland channel for Sophos, Brownlie has a good eye of the challenges its partners see. Its managed service provider programme has nearly 400 vendors using the many products and services it offers.
Part of the challenge is putting a service wrapper around these services. Having the technology is one thing, but aspects like visibility, billing, management, ensuring uptime and keeping up with the latest technology trends are all questions that have to be answered by vendors. All of which is being pushed by the cloud.
While there was some concern about moving services to the cloud, what it has led to is greater management from the side of the consumer, said Brian Murray, Ireland enterprise lead for Sophos Ireland.
“That’s the same with the MSP market - there was quite a bit of concern with the move to the cloud, that it was going to damage their business and there was going to be less requirement for them, that people were going to be doing more probation themselves,” said Murray.
“What it led to is a more complex environment that requires more management where the customer relies on them more than they ever were.”
In Sophos’s case, it has a number of different services to help better understand the cloud, one of which is Cloud Optix, which uses AI and automation to help simplify compliance, governance and security monitoring in the cloud.
“The whole message for Cloud Optix is the ability for compliance in the cloud,” said Murray.
“Being able to give organisations visibility of their infrastructure, understand where their sensitive information is being held, the policies pushed out on top of that, it’s really giving businesses an opportunity to say they’re covering all their bases.”
Brownlie said: “If you can’t see it, you can’t secure it - and of course you start to drive more and more resources into the cloud because it’s much easier. We found that one of the reasons there is a gap in the market for a solution like Cloud Optix is people forget what they have out there . . . there’s very little out there which gives you a single view which is what Optix does very quickly.
“Once you see it you can figure out what security there is, whether or not it’s compliant because that’s a huge issue for people. Businesses of all sizes are subject to GDPR and the consequences of not being compliant, but also a lot of people think they’re not responsible for what’s in the cloud.”
As mentioned earlier, Sophos’s status as a security vendor means it offers products and solutions to managed service providers to help secure their customers’ data. Key to that is the research and development from its Security Labs, which is “fundamental” to what Sophos does, said Brownlie.
This is particularly crucial, as ransomware and phishing are still big threats to businesses, the latter making up 32 per cent of breaches.
“It’s an ever-changing and ever-growing threat landscape, so ransomware is still huge and phishing is still a huge issue,” he said.
“Some of that we resolve with education. You can provide the technology, but a lot of threats [come from within the organisation].
“Some 34 per cent of threats come from within an organisation and since you can’t open every email for everybody, we have education tools like Phish Threat which is almost like an online test - we have to go through it regularly so you get to understand what phishing emails look like.”
Murray also mentions that over 90 per cent of attacks companies experience start with a phishing email, meaning that education and awareness are key.
“It’s the education and engagement with staff [that’s important] and that’s where Sophos Phish Threat really comes into its own,” said Murray.
“People are seeing the power of using a tool to measure the response from the employees, to establish a baseline and then start pushing out further training to show there’s improvement step-by-step.”
Tying in with that is the targeting of threats with social media being heavily used to help out. As bad actors find ransomware and malware becoming easier to monetise, it means they can reinvest the money and make their attacks bigger, better and faster than before.
The result is that C-level executives are particularly under threat so getting them to adopt and roll out best practices across their organisations is crucial.
“Some 32 per cent of breaches involve phishing, so a lot is done with that type of attack,” said Brownlie. “Bear in mind everyone has email, and most of it is fairly innocuous, so it’s a huge threat surface.”