Connect with us

TechNews

Sophos Introduces Sophos X-Ops

Sophos X-Ops links together SophosLabs, Sophos SecOps and Sophos AI, three established teams of cybersecurity experts at Sophos, to help organizations better defend against cyberattacks

Published

on

Sophos X-Ops

Sophos, a global leader in next-generation cybersecurity, has announced Sophos X-Ops, a new cross-operational unit linking SophosLabs, Sophos SecOps and Sophos AI, three established teams of cybersecurity experts at Sophos, to help organizations better defend against constantly changing and increasingly complex cyberattacks.

Sophos X-Ops leverages the predictive, real-time, real-world, and deeply researched threat intelligence from each group, which, in turn, collaborate to deliver stronger, more innovative protection, detection and response capabilities.

Sophos today is also issuing “OODA: Sophos X-Ops Takes on Burgeoning SQL Server Attacks,” research about increased attacks against unpatched Microsoft SQL servers and how attackers used a fake downloading site and grey-market remote access tools to distribute multiple ransomware families.

Sophos X-Ops identified and thwarted the attacks because the Sophos X-Ops teams combined their respective knowledge of the incidents, jointly analyzed them, and took action to quickly contain and neutralize the adversaries.

“Modern cybersecurity is becoming a highly interactive team sport, and as the industry has matured, necessary analysis, engineering and investigative specializations have emerged. Scalable end-to-end operations now need to include software developers, automation engineers, malware analysts, reverse engineers, cloud infrastructure engineers, incident responders, data engineers and scientists, and numerous other experts, and they need an organizational structure that avoids silos,” said Joe Levy, chief technology and product officer, Sophos. “We’ve unified three globally recognized and mature teams within Sophos to provide this breadth of critical, subject matter and process expertise. Joined together as Sophos X-Ops, they can leverage the strengths of each other, including analysis of worldwide telemetry from more than 500,000 customers, industry-leading threat hunting, response and remediation capabilities, and rigorous artificial intelligence to measurably improve threat detection and response. Attackers are often too organized and too advanced to combat without the unique combined expertise and operational efficiency of a joint task force like Sophos X-Ops.”

Speaking in March 2022 to the Detroit Economic Club about the FBI partnering with the private sector to counter the cyber threat, FBI Director Christopher Wray said, “What partnership lets us do is hit our adversaries at every point, from the victims’ networks back all the way to the hackers’ own computers, because when it comes to the FBI’s cyber strategy, we know trying to stand in the goal and block shots isn’t going to get the job done.

“We’re disrupting three things: the threat actors, their infrastructure and their money. And we have the most durable impact when we work with all of our partners to disrupt all three together.” Sophos X-Ops is taking a similar approach: gathering and operating on threat intelligence from its own multidisciplinary groups to help stop attackers earlier, preventing or minimizing the harms of ransomware, espionage or other cybercrimes that can befall organizations of all types and sizes, and working with law enforcement to neutralize attacker infrastructure. While Sophos’ internal teams already share information as a matter of course, the formal creation of Sophos X-Ops drives forward a faster, more streamlined process necessary to counter equally fast-moving adversaries.

“Effective cybersecurity requires robust collaboration at all levels, both internally and externally; it is the only way to discover, analyze and counter malicious cyber actors at speed at scale. Combining these separate teams into Sophos X-Ops shows that Sophos understands this principle and is acting on it,” said Michael Daniel, president and CEO, Cyber Threat Alliance.

Sophos X-Ops also provides a stronger cross-operational foundation for innovation, an essential component of cybersecurity due to the aggressive advancements in organized cybercrime. By intertwining the expertise of each group, Sophos is pioneering the concept of an artificial intelligence (AI) assisted Security Operations Center (SOC), which anticipates the intentions of security analysts and provides relevant defensive actions. In the SOC of the future, Sophos believes this approach will dramatically accelerate security workflows and the ability to more quickly detect and respond to novel and priority indicators of compromise.

“The adversary community has figured out how to work together to commoditize certain parts of attacks while simultaneously creating new ways to evade detection and taking advantage of weaknesses in any software to mass exploit it. The Sophos X-Ops umbrella is a noted example of stealing a page from the cyber miscreants’ tactics by allowing cross-collaboration amongst different internal threat intelligence groups,” said Craig Robinson, IDC research vice president, Security Services. “Combining the ability to cut across a wide breadth of threat intelligence expertise with AI assisted features in the SOC allows organizations to better predict and prepare for imminent and future attacks.”

GrassRoots.ng is on a critical mission; to objectively and honestly represent the voice of ‘grassrooters’ in International, Federal, State and Local Government fora; heralding the achievements of political and other leaders and investors alike, without discrimination. This daily, digital news publication platform serves as the leading source of up-to-date information on how people and events reflect on the global community. The pragmatic articles reflect on the life of the community people, covering news/current affairs, business, technology, culture and fashion, entertainment, sports, State, National and International issues that directly impact the locals.

TechNews

IASP Luxembourg: Chinwe Okoli Speaks on Soludo’s Innovation Agenda

By SANDRA ANI

Published

on

SID In IASP Luxembourg
Chinwe Okoli speaking at IASP in Luxembourg

“We want Anambra to be known as a destination for innovation, the next Startup State, home for digital Talents, the home of the smart digital tribe”

Ms Chinwe Okoli, the Special Adviser to the Governor of Anambra State on Innovation and Business Incubation addressed the global innovation ecosystem leaders at the 40th IASP World Conference on Science Parks and Areas of Innovation took place at the European Convention Centre, Luxembourg.

SID In IASP Luxembourg
Chinwe Okoli and other world ecosystem leaders at IASP in Luxembourg

The conference with the theme, “𝐌𝐞𝐠𝐚𝐭𝐫𝐞𝐧𝐝𝐬 𝐢𝐧 𝐈𝐧𝐧𝐨𝐯𝐚𝐭𝐢𝐨𝐧 𝐄𝐜𝐨𝐬𝐲𝐬𝐭𝐞𝐦𝐬: 𝐖𝐡𝐚𝐭 𝐚𝐫𝐞 𝐭𝐡𝐞 𝐢𝐦𝐩𝐚𝐜𝐭𝐬 𝐟𝐨𝐫 𝐒𝐓𝐏𝐬 & 𝐀𝐎𝐈𝐬?” was an exceptional gathering of global innovation stakeholders from over 55 countries. The three-day conference presented an opportunity for the best innovation districts, science parks and areas of innovation in the world to connect and exchange best practices.

Solution Innovation District, Anambra State was prominent in the conference as Ms Okoli addressed the conference on the topic: “𝐇𝐚𝐫𝐧𝐞𝐬𝐬𝐢𝐧𝐠 𝐭𝐡𝐞 𝐔𝐧𝐭𝐚𝐩𝐩𝐞𝐝 𝐏𝐨𝐭𝐞𝐧𝐭𝐢𝐚𝐥 𝐨𝐟 𝐀𝐧𝐚𝐦𝐛𝐫𝐚 𝐃𝐢𝐠𝐢𝐭𝐚𝐥 𝐓𝐫𝐢𝐛𝐞: 𝐀 𝐂𝐚𝐬𝐞 𝐟𝐨𝐫 𝐃𝐞𝐯𝐞𝐥𝐨𝐩𝐢𝐧𝐠 𝐂𝐨𝐮𝐧𝐭𝐫𝐢𝐞𝐬.”

She shared the transformative power of the Anambra State Government’s innovation program and highlighted the aspirations of Professor Charles Chukwuma Soludo, the Governor, and efforts in nurturing a robust innovation ecosystem in the State to unlock new opportunities and drive technological progress towards making Anambra the digital and creative capital of Nigeria.

Solution Innovation District (SID) is driven by the Anambra State Government, dedicated to fostering the growth of technology, innovation and entrepreneurship ecosystem.

Ms Okoli restated the commitment of the administration of Governor Soludo towards building the one -of -a kind district in Anambra State, stated the key and ambitious goals of grooming one million Anambra Digital Tribe, startups and digital entrepreneurs and in the end, she called for global partnership.

“Our Mantra in Anambra State is Everything Technology and Technology Everywhere

“At SID, we are activating and developing a dynamic and inclusive ecosystem of the future, Our focus is that in a very short time, Anambra becomes the go-to place for the supply of skills/talents on deep technology -Artificial Intelligence, cybersecurity, robotics, blockchain, Data science, Software Engineering, IoT, Cloud Computing etc.

“Let’s impact the world from the light of the nation, in the biggest country in Africa, let’s do digital magic with the Anambra Digital Tribe”.

SID In IASP Luxembourg (4)
SID In IASP Luxembourg

IASP, the International Association of Science Parks and Areas of Innovation, is the leading association of innovation ecosystems worldwide.

This organization actively unites and empowers a network of managers overseeing areas of innovation, science parks, research parks, innovation districts, knowledge cities, and various other innovation spaces. It’s the driving force behind the exchange of cutting-edge knowledge and best practices, propelling innovation on a global scale.

Continue Reading

TechNews

Sophos Launches Wi-Fi 6 Access Points

Sophos supports shift to hybrid environments with new generation of remotely managed, reports SANDRA ANI

Published

on

Sophos wireless launch -

Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced the Sophos AP6 Series to support the shift to hybrid environments with a new generation of remotely managed Wi-Fi 6 access points.

The new offering adds another component to Sophos’ secure access portfolio, which includes Sophos Firewall and Sophos Switch.

“With cloud-managed Wi-Fi, Sophos is addressing the need for more scalable, remote-managed Wi-Fi solutions that support the increasing number of connected devices and the proliferation of IoT systems,” said Daniel Cole, vice president of product management at Sophos. “This combination of our Sophos AP6 Series and Sophos Switches provides channel partners with a consolidated single vendor access solution strategy, easing the burden and overhead cost of managing multiple disparate systems from different vendors. Many access layer networks are still operating at 1 Gigabit speeds. With the significant performance enhancements in Wi-Fi 6, the industry has a great opportunity to review and modernize the network ecosystem that wireless is deployed into. Sophos’ solution dissolves a common bottleneck at the physical layer and can boost the total network performance of a company’s Wi-Fi infrastructure.”

Sophos AP6 models – including 420E, AP6 840, AP6 840E and the outdoor AP6 420X – have at least one built-in 2.5 Gigabit interface for faster LAN connectivity. 

When combined with the Sophos multi-Gigabit switches, which also support 2.5 Gigabit Ethernet, companies can unlock faster speeds across the entire network. With the AP6 420E and 840E devices, which support Wi-Fi 6E, companies can additionally use the 6 GHz band, which is a newer, less congested space, offering high performance for the latest devices. 

Sophos access points can be remotely managed in the cloud-based Sophos Central platform alongside a broader range of solutions than any other vendor.

This enables partners to oversee all customer installations, respond to alerts, and track licenses and upcoming renewal dates via a single, intuitive interface. Additionally, there is an on-premises interface administrators can take advantage of for on-AP settings.

Availability

The Sophos AP6 Series is available for immediate purchase exclusively through Sophos’ global channel of partners and managed service providers (MSPs). 

Continue Reading

TechNews

Sophos Launches Incident Response Retainer

Published

on

​Sophos Uncovers New Connections Between Hive, Royal, and Black Basta Ransomware
  • Sophos Retainer Cuts Red-Tape, Allowing Sophos Incident Responders to Quickly Investigate and Remediate Active Attacks
  • Shorter Attacker Dwell Times Require Faster Response, as Indicated in Sophos’ New Active Adversary Report for Tech Leaders

Sophos, a global leader in innovating and delivering cybersecurity as a service, has announced its new Sophos Incident Response Retainer, which provides organizations with speedy access to Sophos’ industry-first fixed-cost incident response service that includes 45 days of 24/7 Managed Detection and Response (MDR).

The retainer cuts red tape, allowing Sophos incident responders to quickly jump into active cyberattacks to investigate and remediate them. External vulnerability scanning and critical preparedness guidance are also included in the retainer, enabling organizations to proactively improve their existing security resilience by pinpointing and resolving issues that reduce the likelihood of a breach in the first place. 

At a time when attacker dwell time is steadily shortening, as revealed in a new 2023 Active Adversary Report for Tech Leaders that Sophos published today, time to locate and evict adversaries is critical in limiting damage and completely stopping nefarious endgames, such as data breaches and ransomware. The report indicates that median adversary dwell time continued to plummet, from 10 days in 2022 to eight days in the first half of 2023; for ransomware alone, the time between initial access and impact dropped from nine days to just five. Adversaries also preferentially carried out attacks during targets’ night and weekend hours, with only 9.6% of ransomware incidents taking place during the targets’ daytime business hours.

The single most common attack times were Fridays between 11 p.m. and midnight in the targets’ local time zones.

“Incident response retainers help organizations prepare in advance for the fastest response time possible to defend against active cyberattacks. Due to today’s complex and mixed-vendor computing environments, skills shortages, evolving attacker behaviors, and cyber insurance requirements, it’s critical that all organizations have pre-determined incident response plans in place.

Tangible ‘readiness’ is now a key component for cyber resilience,” said Rob Harrison, vice president, product management at Sophos. “Adversaries will often abuse the same weakness in a single system, and it’s not unusual for multiple, different attackers to go after the same target if there’s potential exposure. Sophos’ goal is to immediately stop active attacks and make sure complete remediation is achieved, regardless of how many hours it takes. We are the only security vendor that offers this caliber of retainer services for urgent security incidents.”

“Sixty-five percent of organizations suffered a significant breach event in the last 12 months despite considerable investments in cybersecurity tools, according to IDC ransomware research,” said Chris Kissel, research vice president, security and trust products, IDC. “Dealing with unexpected cyberattacks is time sensitive, stressful and a large financial commitment. The only way to save time, reduce costs and mitigate the impact of a breach is to have an experienced incident response team in place and lined-up ready to go – before attackers strike.”

The Sophos Incident Response Retainer is available in three tiers through Sophos partners worldwide. With Sophos’ unique ability to threat hunt, respond to and remediate attacks within multi-vendor environments, the retainer is available to non-Sophos customers, in addition to customers already using Sophos’ robust portfolio of innovative endpoint, network, email, and other security products, or Sophos MDR Essentials. Endpoint configuration health checks and device audits are also included in the retainer for existing Sophos customers. Organizations that prefer broader services in one package can purchase Sophos MDR Complete, which automatically includes full-scale incident response.

“The Sophos incident response retainer is the perfect tool for partners to help customers take a proactive approach to improving their cyber defenses, and it will enable us to more quickly respond and take necessary immediate action in a worst-case attack scenario when every minute counts,” said Jonny Scott, vendor alliance manager at Phoenix Software. “Sophos Incident Response’s fixed-cost pricing is genius, especially considering how every attack scenario is different and how quickly costs can rack up. The sheer breadth of resources included with the retainer – from scanning for vulnerabilities to patch and prevent breaches, to having a team of experts on standby 24/7 ready to battle head-to-head with adversaries – make it an absolute must have.”

Continue Reading

Trending