Intercept X has been the fastest growing product for Sophos globally including APJ since its launch three quarters back. It has performed extremely effective in ransomware environment. Around the same time we introduced it, there were big prolific attacks with WannaCry and Petya. The attacks had big visibility globally which put the demand for Intercept X in overdrive as everyone was seeking better solutions and effective ones. Intercept X is behaviors-based technology which start to see encryption take place, it will stop, roll back root, do root cause analysis, and clean it up. It showed people who had installed Intercept X came out fine after those attacks. Across APJ like rest of the world, Intercept has been big driver in the end point security. Sophos has now over 20 million users across 8000 plus customers of Intercept X across the globe.
Another key element is CyrptoGuard (around encryption technology) that has been moved into protection suite which help protect other areas than just client endpoints.
What would be your recommendations for CSOs to brave the connected world?
Cybersecurity is constantly getting elevated to the board level even in government as risk areas and continuity discussions happen for most companies to deal effectively with the threat landscape.
I usually recommend 3 Ps for CSOs and CIOs of modern companies.
Make sure to PATCH. We do have a number of very large customers like big banks. There are many old Microsoft machines that are not patched, and hence vulnerable, in countries like India. The WannaCry took advantage of that lapse and hence CSOs need to patch and update the systems to reduce the vulnerability.
The other P is around PEOPLE, which continue to be of the biggest threat vector that fall victim to spear phishing, email breach etc. Education becomes a continuous process as numerous people still click on the bad mails.
The last piece is PROTECTION. It is imperative for CSOs to implement robust cyber security protection strategy across their company. Companies, as they become more digital, should look at advanced security tools from vendors like Sophos. A single breach can derail their business across the IT infra.
Is Internet of Things (IoT) is turning out to be Internet of Threats? What other trends do you foresee?
As everything goes digital, IoT offers the potential for the new threat to surface as it is about many digital devices having access to internet. Sophos recently partnered to secure Konica Minolta's workspace hub. There was massive DDoS attack through cameras last year. One of the things that makes us nervous is that there are no software update, no security standards in most of these IoT devices as they sprawl personal and enterprise spaces. Modern endpoints are beyond laptops and mobiles into connected cars, printers, wearables and more. Security vendor has to protect threats from all end points for the customers. IoT vendors themselves are under pressure to ensure adequate security across on-premise and cloud based environments.
Sign up for CIO Asia eNewsletters.