Photo - Maxim Weinstein, CISSP, Senior Product Marketing Manager, Enduser Security Group, Sophos
The quest to develop a comprehensive, simple-to-manage, enduser-focused protection system has moved from the first phase of consolidation, known under the internal project codename Galileo, to Copernicus, which is expected to be completed by July of this year, said security solutions firm Sophos.
During a visit to Kuala Lumpur, US-based Maxim Weinstein, CISSP, senior product marketing manager, enduser security group at Sophos, outlined some of the company's numerous recent global announcements, which include an updated endpoint protection engine powered by Sophos System Protector and featuring Malicious Traffic detection, as well as the latest release of Sophos Mobile Encryption 3 and SafeGuard Encryption 7.
The Chinese New Year briefing on 3 March 2015 included presentations by Sumit Bansal, Sophos Asean director of sales, Wana Tun, Sophos Asia's regional technical evangelist, and Jon Hoong Wong, the Sophos Malaysia country manager.
Bansal and Wong confirmed that Sophos's growth has been significant. "As we come to the close of our financial year at the end of this month, we have recorded 17 percent growth year on year (YoY) globally," said Bansal. "What is especially interesting is that on the network security side, we have achieved 40 percent growth; globally, we expect to move up to the number 2 place in the UTM [unified threat management] sector in the next 12 months."
"In Malaysia, our growth has been in the double digits, and we expect that to continue for the next year," he said, adding that growth has been driven by demand for network security. "In the Asean region, the network security sector has grown 26 percent, so Malaysia is the leader in this particular space."
"We have won some important business, including a prominent healthcare service provider, and our solutions have resonated in the public sector in Malaysia as we are working on some major government projects," added Bansal.
Enduser, not endpoint
Weinstein said, "Security is a complex threat landscape as evidenced by many security issues such as Sony and other breaches, occurring more frequently. The traditional security approach, of developing step by step a solution for every new group of attacks, is falling behind."
"As threats increase both in complexity and quantity, most organisations lack the resources to keep up; they do not have large in-house security teams that large enterprises may have," he said, adding as an illustration a finding from PwC that 42.8 million security incidents were detected by businesses worldwide in 2014. "Many incidents may have gone undetected, of course."
Bansal added that Sophos predicted last year the increase in ransomware attacks, which was also recently flagged by national infosecurity specialist CyberSecurity Malaysia. "In such attacks, a downloaded Trojan can remain undetected on a machine for long periods and when activated, will communicate with a CC [command & control] server. Criminal gangs have amassed more resources and wealth and reinvested in developing even more sophisticated attack technologies and approaches."
"Sophos has taken a different approach under Project Galileo and now Copernicus," said Weinstein. "End user protection is where we believe the focus should go. Mobile working across multiple devices - or end points - is bringing corporate data out across open networks."
Both codenames refer to an internal consolidation of devices and software into one comprehensive system, which spanned firewall to end user, and could be simply managed through a cloud-positioned management console, he said, adding that the key to detecting and tackling sophisticated and other attacks was to see malware traffic going through any part of the network and stop it.
Sophos Asia's Wana Tun said: "The Copernicus platform is about connecting the dots between UTM [unified threat management] and endpoint parts of the network. We are trying to consolidate firewall and endpoint to be able to better detect and deal with malicious activity."
He said that the new Copernicus platform will also integrate Cyberoam [acquired last year], "which will continue to offer hardware under the Cyberoam brand for a year or so, but will eventually run Copernicus code and come under the Sophos brand."
Wan said: "This means Sophos will marry the best solutions under a centralised management console, which can be controlled through the cloud 24/7 over 365 days."
"The journey started as part of Galileo last year with the development of next-gen network security, next-gen server protection and next-gen enduser protection," said Weinstein. "Endpoint security needs to change to encompass different devices and platforms and become end user protection."
"Prevention is ideal but detection is a must," he said. "Remediating threats is about reducing damage, which also means that ultimately the data must be encrypted no matter where it is."