If you think about cybersecurity all the time, then you are less likely to become a victim
As the world leader in next-generation cybersecurity, Sophos now powers more than 400,000 organizations in more than 150 countries. The company itself, which is headquartered in Oxford (UK), consists of various groups covering the most diverse areas of expertise and performing a specific range of responsibilities. For example, SophosLabs, a global threat and data intelligence team, focuses on cloud and AI-based solutions to protect endpoints and networks from the latest cyberattack techniques. In addition, Sophos has a dedicated threat modeling team and an exploit and ransomware team.

Rovshan Akbarov, director of business development at iTech Group, tells what Sophos is most focused on today in an interview with Infocity.
- What do Sophos think about a comprehensive approach to cybersecurity, where customers can turn to only one vendor for all their needs in this area, and should we strive for this?

- For several decades there has been an opinion that it is necessary to find the best solution of its kind. Find the best VPN and buy it, find the best antivirus and buy it, find the best firewall and buy it. But all this together does not always work well, and manufacturers, without making any special efforts to understand the causes of problems, tried to shift the blame onto others. However, over time, the general opinion has somewhat changed towards complex solutions. Sophos, on the other hand, believes that it is possible to combine products from different manufacturers, but only where it is appropriate, so they prefer an integrated approach. Sophos solutions, for example, excel at network and cloud endpoint security. Because the company controls all of these elements, you can see them in one console, see how they interact with each other, provide context, and enhance security. Sophos is very good when it comes to responding quickly to cyber attacks. Solutions from this vendor not only help prevent an attack, but also subsequently find out how the attackers "penetrated" your company and how to prevent attacks from happening again in the future.

- The topic of artificial intelligence penetrates deeper into all areas, especially into cybersecurity. How are artificial intelligence algorithms implemented in Sophos solutions?

- Today the company is working on a fundamentally new threat detection system. Its most important component is understanding what the "normal" situation in the company looks like when it comes to monitoring network activity. For example, based on a daily analysis of what access models are used, what data circulates in the network, what temporal indicators of network load bursts are observed, etc. you can understand what a normal situation looks like in a particular enterprise. You can apply some policies to limit the activity of what is normal and make it easier to see out of the ordinary deviations. If you suddenly see a surge in data transfer from a server that usually does not transfer large amounts of information, then this will be an occasion to pay attention to this network segment. With a full display of what is "normal", it becomes much easier to automatically identify abnormal activities such as suspicious logins or data transfers.

I would like to draw the attention of readers to several Sophos products that are offered in our market. When it comes to endpoint protection, Intercept X is the flagship product. It is an industry-leading Endpoint Security solution that reduces the attack spectrum and prevents it from being launched. Combining exploit protection, ransomware protection, artificial intelligence and control technology, this solution stops attacks before they affect your systems. The deep learning AI in Intercept X excels in detecting and blocking malware, even if it has never been seen before.

Another solution that uses artificial intelligence algorithms in its work is Sophos Firewall. It is a network security solution that can fully identify the user and source of infection on your network and automatically restrict access to other network resources in response. Sophos Firewall blocks the latest ransomware and hacks with high-performance streaming DPI including next-generation IPS, provides web protection and application control, and provides deep learning and sandboxing powered by SophosLabs Intelix. This is made possible by Sophos' unique Security Heartbeat, which exchanges telemetry and health status between Sophos endpoints and your firewall and integrates endpoint status into firewall rules to control access and isolate compromised systems. And the Synchronized Application Control solution uses Heartbeat connections to Sophos endpoints to automatically identify, classify, and control application traffic. This will expose all encrypted, custom, evasive, and generic HTTP or HTTPS applications that are not currently identified. Together with Xstream SD-WAN, it provides a powerful, integrated SD-WAN solution with performance-based link selection and routing, fail-safe link transitions, centralized cloud management, and Xstream FastPath acceleration.

A solution like Sophos XDR? delivers greater accuracy and reduces workload for organizations involved in threat hunting and IT security hygiene. Starting with industry-leading protection reduces the amount of information you don't need to analyze, and a priority list of detections, combined with AI-driven investigations, makes it easy to know where to start and act quickly. Native endpoints, servers, firewalls, email, cloud, mobile, and Office 365 integrations are available in a shared data pool, or can access the device for up to 90 days of real-time status and historical data.
And by the way, going back to the first question, Sophos solutions work better together. For example, Intercept X and Sophos Firewall will exchange data to automatically isolate compromised devices during cleanup, and then return access to the network after neutralizing the threat. And all this happens without the need for administrator intervention.

- What other solutions does Sophos present on the Azerbaijani market by iTech Group?

- First, it is Sophos Security and Data Protection solution, which provides complete protection of endpoints, e-mail and the Internet, which can be projected to organizations with limited IT resources. It is an easy-to-use and reliable anti-malware and spam protection tool on Windows and Mac networks that allows you to proactively protect against all new and unknown threats and protect your data from accidental or malicious loss. Standard support for this product is provided 24x7x365 to provide you with ongoing protection. We also offer ZombieAlert, PhishAlert and WebAlert Services, which instantly alert you if your organization's computers are compromised, your company name is used in a phishing campaign, or if any of your web pages are infected with malware.

The Sophos Switch Series offers a range of cloud- and on-premises managed network access devices for connectivity, power, and access control at the edge of the local network. These switches fully cover the connectivity needs of a variety of scenarios: remote and home offices, small and medium businesses, retail outlets and branch offices. Plus, they integrate seamlessly with existing Sophos solutions. The series is available in 8, 24, and 48 port options that can be managed in a variety of ways, including a local web interface, command line interface, or SNMP for advanced configuration settings. And, of course, you can manage these solutions on the Sophos Central platform. It's a scalable platform that gives you a single control panel for not only your firewalls, but the entire Sophos security portfolio, including Sophos Wireless. By the way, I recommend taking a look at the Sophos Wireless solution, which offers a simple and effective way to manage and secure your wireless networks. The solution allows you to detect rogue access points, classifies nearby Wi-Fi networks to identify threats and prevent attempts to penetrate your organization's network.

- How are the partnerships between Sophos and iTech Group developing?

- As I noted above, the 24/7 threat detection and response service is provided by the Sophos team of experts. Sophos analysts respond to potential threats, look for indicators of compromise, and provide detailed event analysis, including information about what happened, where, when, how, and why. This is the biggest plus against the backdrop of an ever-increasing level of cyber threats, and it is these moments that have become the defining foundation of our cooperation. Sophos is a company that deals with the security of almost everything. For Sophos, security is a lifestyle, working 24 hours a day, 7 days a week. The company believes that the good habits that we acquire in the field of cybersecurity at work need to be projected into other scenarios. If you think about cybersecurity all the time, then you will be less likely to fall prey to intruders. Our company follows this principle, investing in the training and certification of its own specialists and promoting the concept of cybersecurity from Sophos in the Azerbaijani market.
+994 12 3101414
+994 51 2060960
Baku, Azerbaijan
Azadlig ave., 192E

Photo and video materials belong to iTech Group.

iTech Group 2024