Sunil Sharma, Managing Director-Sales, Sophos, explains the new technologies that Sophos has developed to combat cyber security threats, and the company’s tactics to purge the threats to IoT.
How do you see the security market evolving in India?
It is no different than the security market evolving in the world. I have understood the basic learning which is ‘necessity is the mother of invention’. So when a security market is evolving and somebody asks what the size of the security market is in India or globally, I would personally believe that it is all being controlled and driven by the external threat factors actually. The more we have cyber criminals pushing the team to think creatively, innovatively, the more the size will grow. And today worldwide the market is worth $40 billion, growing at an average of 6-7%. Another point is that in India, Gulshan Rai, I heard one of his keynotes in which he spoke about the Indian market, which is currently worth $4.5 billion and which is going to be $35 billion in the next 10 years. So there are different versions in what people are talking about and third parties are giving their own stats, facts and figures.
But again, my personal belief is that every year, when you have attacks like WannaCry and others, they are the ones which actually accelerate this market in terms of growth, in terms of evolution from both the sides: from the protection side, and from the threat side. So the more the criminals are going to be there, people will have to deploy more police. Similarly, if you have more threats, which have been coming in and attacking the existing infrastructure, which is important for any CIOs and CSOs, then you will have to deploy more power, in terms of cyber security. So that is how I personally believe that it is evolving. Because every second day we are getting some advanced APTs which are prominently targeting a specific market, specific kind of segment, specific kind of vertical, and that is how the market is being driven.
Security is not how it was in the earlier years. It has become sophisticated, and attacks are coming from all across, you never know from where you’ll get the attack. So what is your take on this?
I think one fundamental thing which I am in agreement with is that attackers have been thinking in different ways and means, but I think companies have also been able to keep up the pace. For example, earlier we never had a proactive kind of technology, and today I can proudly say, that companies like Sophos have come out with Deep Learning which is part of AI where we are talking about a technology with no signature and proactively able to estimate, understand that this could be a threat and a malware.
Not a normal data which people are trying to get on their laptops or computers. So one side I agree that cybercriminals are very fast. Like today in Sophos lab we have 400,000 unique malwares being researched every day. You can imagine how this particular cybercriminal industry is growing and they have only one agenda right now and that is how they can take millions and billions of dollars to their bank. And that is why now the threats that have been coming in are absolutely targeted.
What are the biggest threats? Is it the ransomware?
As I mentioned earlier also, it is the ransomware malware. And a part of it is also a malware which is crypto jacking and crypto mining which constitutes the entire circle of different threats. So you have Advanced Persistent Threats (APTs), which are taking the maximum share of malware, and a part of that is ransomware malware, actually, for example SamSam, Dharma, or BitPay malware; these are the recent ones which are happening in the industry.
I have not seen a single company which has not been attacked by these three and also EternalBlue which was part of WannaCry is like a targeted attack and people are still doing it because it is impossible in today’s world, to patch each and every aspect of your network. Also, when you see you have IoT devices coming in you have so much of vulnerability in the space in the network that you have created for your company to be successful. So you have so much vulnerability being available which these cyber criminals are taking advantage of. I would say ransomware malware is going to constitute in today and tomorrow’s threat radar where they are going to attack, mine and milk this industry and take maximum dollars out of our industry.
Do you have solutions for the kinds of attacks that are coming into the network?
Sophos as of today is providing end-to-end solutions to the mid-market and primary class of customers. Sophos has solutions available on end point, network side, we also have solutions which are like educational tools which we provide to corporates where they can educate their end customers which means their employees, about phishing attacks. So, these are the various kinds of solutions that Sophos in terms of network side is providing. On the end point side starting from next generation which also consists of Intercept as one of our flagship products which is anti-ransomware, anti-exploit, and now we have come out very recently with a product, the same Intercept X with EDR, which I think is complementing the whole solutions.
Today, people are very much worried about their devices. Let’s say there is an attack which has happened and some solutions of yours has already protected your device before the attack could happen, so now how are you sure that all your devices in the network are completely free of such kind of malware for which the attack was done. So EDR is one of the solutions which gives you the complete visibility in your network, gives you a dashboard that yes this particular device got attacked, it has been removed, cleaned up, so there is an automated remediation which happens with the solutions of Sophos, and that is the beauty of it. So on the mid market kind of customer we have solutions which takes care of almost all kinds of problems on cybersecurity side of the business.
For the last 3-4 years Sophos has been quite successful in gaining market share. What do you attribute this success to?
I think there are a few points to which we would like to attribute this success, and this credit goes to our strategy on product. If you look at our products in the last 2-3 years we have really done a phenomenal amount of innovation. Before, we did innovation at the same time we acquired companies. Around 2-3 years back, apart from Cyberoam which we acquired, we have acquired Mojave Networks, Reflexion Networks, SurfRight in 2015, Invincea in 2017, and Barricade in 2016. So all these companies which we acquired, and how we have integrated it with the existing products, I think that has given a phenomenal amount of ammunition against cyber criminals and against all kinds of threats which are available in the market.
At the same time to be able to see through in the future also with the help of Deep Learning which is a technology available today whether we are giving Intercept X with EDR or Next Gen end point with EDR so that is about the product. Second is about how do you position it. Lots of people have been talking about how Sophos is not there in very large type of enterprise kind of customers. I think as of today we can proudly say that we are able to serve mid-market and pragmatic class of customers in a beautiful way, where today the threats are very complex, coordinated, and are working in a very interactive way which means they will go one step ahead and somebody will leave a virus in your network and after leaving that nothing is going to happen to your network so there is information which is being captured, information is being given to the person, and after that the second thing will happen, the second step, the third will happen, the fourth will happen, so the attacks are very coordinated.
Someone also needs to understand that the defence also has to be coordinated. So, at the network security, at the end point security, if both are not talking to each other, if both are not sharing the threat intelligence, and if both are not protecting the complete environment, I don’t think any company can protect the environment of the corporate culture. So that is where Sophos has the edge and I can proudly say with the help of Sophos Central which is absolutely central to any network, and to the end point and we have dashboard coming in and we have a synchronised security which is being played between network and end point.
And with the help of synchronised security you have any kind of attacks let’s say for example any end point gets quarantined, it gets cleaned up, and when it becomes healthy it comes back to the system. So for example if you are a CIO and you went for a cup of coffee in the canteen and you had an attack, by the time you come back after 30 minutes you will find on the dashboard that the attack happened, but it got quarantined, and the device got cleaned up and again back in the system and that is the report and the root cause analysis is complete. How would you feel? And that is what CIO and CSOs are looking for.
And I think we are absolutely in the right direction and we are able to deliver to those set of customers. So, I talked about our product, I talked about our positioning, and another thing which I want to talk about is our people. I think we have one of the most dedicated manpower in India. We are successful because we have more than 850 people working out of India, able to serve global and in India. We have product development happening out of Bangalore, and in Ahmedabad, we have product support happening, we have lot of people working on cloud. So there are different departments which are based out of India and we feel a lot of strength collectively. And the fourth point but not the least why we have been successful is our channel partners, and our channel ecosystem.
They have been loyal to us, and they have always been thinking that with the help of Sophos, for the last 3-4 years if you look at it they were selling only one product earlier and after that they have been enabled they have been given product by which they have actually increased their depth with the customers. Which earlier used to mean with one customer, one product. Now the same customer has five more products. What does that mean? You need not to go for acquisitions of new customers.
You are on the same side because it’s very expensive to acquire a customer. But to retain a customer and to give them more products, give them more security I think that is what these partners have done with us and have earned maximum amount of profit and have been earning actually and then you are able to create a renewable base over a period of time. And that renewable base is actually a bottom line to your balance sheet. So in my opinion our channel system has been absolutely a key to our success these past 2-3 years.