Despite headlines over the past few weeks focusing on major ransomware attacks like those against Colonial Pipeline, JBS and the Massachusetts Steamship Authority, defenders are winning the cybersecurity battle. Thousands of breach attempts are thwarted every single day, which is encouraging, but is also forcing attackers to step up their game.
As hackers continue to evolve their own tactics to evade detection, IT security must evolve from security management to security operations to continue to defend against them. We can no longer count on being able to take a “set it and forget it” security approach.
The Role of Channel Partners
Channel partners need to help their customers be more proactive in hunting suspicious behavior and events before it results in a breach. Partners need to make sure customers can find suspicious activity as early in the attack chain as possible in order to give them the ability to respond before damage is done. The most sophisticated attacker still leaves breadcrumbs behind, and partners need to make sure their customers have the ability to follow the trail to stop the attack in its tracks.
Further, as businesses only continue to get further interconnected, it’s critical that security follows suit. Partners need to help their customers transition from security point products to an adaptive security system that automatically prevents as much as possible, while enabling operators to search and detect weaker signals – such as suspicious behaviors and events – and prevent them from becoming breaches.
Introducing the Sophos Adaptive Cybersecurity Ecosystem
The future of IT security is a system that enables a unique feedback loop so it can constantly learn and improve. New information and events detected by the operations team can be automated, improving prevention and reducing the number of new attacks that get in. Similarly, as automation software improves, operators can find suspicious behaviors and events faster, further reducing incidents. This virtuous cycle constantly improves overall security for an organization and its connected business.
That is why Sophos launched its adaptive cybersecurity ecosystem (ACE). An evolution of Sophos’ acclaimed Synchronized Security approach, the smart ecosystem is engineered to protect the interconnectedness of our businesses and online world.
The new open security architecture optimizes threat prevention, detection and response. Sophos ACE leverages automation and analytics, as well as the collective input of Sophos products, partners, customers, developers, and other security industry vendors to create protection that continuously improves – a virtuous cycle that is constantly learning and advancing.
Sophos ACE is built upon a data lake that correlates actionable insights from Sophos solutions and services as well as threat intelligence SophosLabs, Sophos AI and the Sophos Managed Threat Response team. Open APIs enable customers, partners and developers to build tools and solutions that interact with the system and to take advantage of existing integrations.
Guest blog courtesy of Sophos. Read more guest blogs from Sophos here
