As the threat landscape continues to evolve and hackers find new ways to breach security: A review from Sunil Sharma, managing director sales, Sophos India & SAARC
From an overall Cyber Security growth point of view, how was the calendar year 2018 from a global and India market perspective?
The global cybersecurity market is expected to grow from USD 152.71 billion in 2018 to USD 248.26 billion by 2023, at a Compound Annual Growth Rate (CAGR) of 10.2% during 2018–2023. Whereas India’s cyber security market for products and services will grow up to $35 billion in 10 years from the present $4.5 billion.
Ransomware and high-profile data breaches continued to grab the headlines in 2018. Ransomware as a Service (“RaaS”) was big business on the dark web, where criminals sell kits that buyers can use to make and distribute their own ransomware.
A SophosLabs threat report revealed that hackers are looking beyond traditional ‘spray and pray’ style attacks that are automatically distributed through millions of emails, and turning to premeditated and targeted ransomware attacks. These are more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so ransoms must be paid.
Elsewhere, cryptomining was a huge topic. We saw a rise in the volume of malware payloads as hackers covertly infected computers with software to do the calculations needed to generate cryptocurrency, such as Bitcoin, Monero or Ethereum and kept the proceeds for themselves.
As the threat landscape continues to evolve and hackers find new ways to breach security, the reality is that organisations can no longer build strategies for “if” they suffer a breach but “when”.
How was SOPHOS performance for this calendar year from a global as well as India perspective?
In the fiscal year ending 3/31/2018, Sophos reported that billings grew by 22% to $769 million and revenue increased by 21% to $641 million. Overall, Sophos continues to see a robust demand environment, with a double-digit increase in billings from new customers, and Sophos Central and Intercept X both continuing to establish momentum throughout the quarter.
What all activities you did which differentiated you from the competition and helped you to increase market share?
Sophos continues to execute against its core mission: deliver innovative, simple, highly-effective cybersecurity solutions to IT professionals and the channel that serves them. Sophos is the only security vendor that affirms its loyalty to the channel community in its mission statement, a testament to the company’s unwavering dedication to its channel-best approach.
Sophos’ portfolio spans endpoint and network security, plus web, email, encryption, and mobile protection. Sophos is the only security vendor that maintains strength in both network and endpoint security, led by the growth of its most powerful next-generation products, InterceptX and XG Firewall. Sophos’ Synchronized Security and Sophos Central leverages the power of these products by allowing them to share information and respond automatically to attacks.
Sophos was one of three vendors recognized as a leader in Gartner’s 2018 Magic Quadrant for UTM (SMB Multifunction Firewalls). Gartner also named Sophos a Visionary in the 2018 Magic Quadrant for UEM. Sophos is the only IT security company to be consistently positioned as a leader by Gartner in both the 2018 Magic Quadrant for Endpoint Protection Platforms and Magic Quadrant for UTM.
In summary, our focused strategy and investment in nextgen products and technology has enabled Sophos to continue to grow our customer base in India and across the globe.
How was your customer acquisition growth? What were the customer engagement programs of the year and what was the outcome?
As we enter the 2019 financial year our total subscription base continues to grow and we now have more than 300,000 end customers and 100 million end users around the world protecting their businesses with Sophos’ comprehensive cybersecurity solutions.
Our flagship event Sophos Inner circle, which aims to build a community of technology specialists and cybersecurity practitioners in India, provides attendees the opportunity to network and relax, as well as participate in technical briefings and learning sessions.
Customers around the world are also engaging with Naked Security, Sophos’s award-winning blog, giving you news, opinion, advice and research on cybersecurity issues and the latest internet threats.
We continue to partner in marketing and promotional activities that help us engage with our target audiences in India throughout the year.
Which verticals embraced your solutions maximum and why?
Cybersecurity is becoming the number one priority for businesses of all sizes and across all sectors. Customers across BFSI, government & defence, education, manufacturing, healthcare, e-commerce, IT & ITES choose Sophos’ comprehensive security suite to better protect their businesses.
Name some of the best customers and why those were best?
At Sophos, we constantly work hard to innovate and deliver the best possible cyber protection to our customers. We have a wide range of customers in India across a growing number of vertical market sectors. Below are just two, who have benefited from the solutions we have delivered.
- AAVAS Financer Limited – Protecting Financial Institutions with Next-Gen Security
- Manipal University – Simplifying Enduser and Network Security in Education
Point out some of CIO Challenges in 2018 from the Cyber Security point of view? What was the experience of SOPHOS in mitigating those challenges?
Cybersecurity challenges that CIOs face are highlighted in our recently published threat report. To summarise it, 2018 was the year that targeted ransomware hit the headlines and we will likely see more copycat style attacks continue to hit businesses into next year. We also saw criminals make greater use of readily available system admin tools to access an IT network, move around and then steal sensitive data or drop ransomware into the network.
The reality is that cyberattacks of all kinds are happening constantly. Most organizations are set up for automatic attacks not human interactive attacks, and once cybercriminals get into a system, they will move around.
Security has reached a turning point and companies need to take an active, layered and predictive approach to security, meaning they must be diligent and proactive with best practices and deploy in-depth defenses that expect attacks and communicate with each other to stop threats. Traditional security methods are no longer enough to prevent constant and changing cyberattacks.
Sophos recommends that businesses implement the following cybersecurity best practices to protect themselves from attacks:
- Layered security that blocks attackers from all points of entry and from gaining access once inside a network
- Rigorous and diligent patching
- Server-specific security with Lockdown capabilities and anti-exploit protection, especially for unpatched systems
- Security that synchronizes and shares intelligence to activate lockdowns
- Endpoint and server security with credential theft protection
- Hard to crack and unique IT admin passwords with multi-factor authentication
- Improve password policies: Encourage employees to use secure password managers, longer passphrases and the non-reuse of passwords for multiple accounts – How to pick a proper password.
- Improved account access controls: Enact sensible policies to secure idle accounts; automatically lock accounts and alert IT staff after a number of failed login attempts
- Regular phishing tests and staff education about the perils of phishing
What all products you rolled out in the year, what was the adoption rate of those new products?
Sophos’ portfolio spans endpoint and network security, plus web, email, encryption, and mobile protection. Sophos is the only security vendor that maintains strength in both network and endpoint security and continued to expand its InterceptX and XG Firewall portfolios in 2018. ; Following the announcement of predictive protection to InterceptX in January, Sophos added its powerful Nextgen endpoint protection to its server product and also delivered Intercept X Advanced with EDR. Sophos’ Synchronized Security and Sophos Central leverage the power of these products by allowing them to share information and respond automatically to attacks.
What kind of revenue/ market share growth you achieved this Year?
In the fiscal year ending 3/31/2018, Sophos reported that billings grew by 22% to $769 million and revenue increased by 21% to $641 million. Overall, Sophos continues to see a robust demand environment, with a double-digit increase in billings from new customers, and continued technology innovation across our product portfolio.
Add magazine in this page