Synchronized security is the secret sauce for modern infra: Gavin Struthers, Sophos

Sophos encompasses an extensive portfolio of network security and end point security stretching across hardware appliances, virtual firewalls, EDR, cloud offerings and more.

What does it take to be the one stop ‘end to end’ security vendor in a super competitive cybersecurity world of established vendors and startups? IDG Media had an exclusive interaction with Gavin Struthers, Regional Vice President, Asia-Pacific & Japan, Sophos, during his visit to India on why better, faster and ‘more fun’ are part of his business mantra for the region in 2019 and 2020.

Edited excerpts

You joined Sophos after a sixteen-year stint at McAfee? How different or challenging is the new role? 

I want to focus more on my currently role at Sophos. After a break from my last role, I wanted to be back in security because it is a very interesting industry. What hasn’t changed though is the fact that the organizations are still grappling with the escalation of attacks and importantly the sophistication of attacks. 

One of the prime reasons I joined Sophos is the company’s big emphasis on mid-market. SMB organizations that lack expertise and skills are actively looking at companies like Sophos to help them simplify and address the very complex problem of security at their end. 

What security trends do you see in 2019 across APJ? Any new threats on the horizon besides ransomware, malware and others?

Sophos research recently called out the seven uncomfortable truths of endpoint security. We continue to see phishing and ransomware as two significant attack vectors. But we shouldn’t discount mobile threats and threats to IoT. The survey showed 18 percent of attacks were found on mobile devices in countries like India, which is expected to double in most countries.

Detection and response is another focus, especially the evolution of security controls in the last three years. What’s changed is a growing realization amongst CIOs and CSOs about the criticality of data protection. Think of basic exploits and ransomware as an example, and how to protect phishing attacks because detection is very difficult. 

Generally, with a lot of data growing by the minute, most organizations don’t have the security analysts and research analysts. We are sort of the security analyst in their technology roadmap with our extensive portfolio. And EDR on top of good protection as a system approach helps as our security platform ensures end point and network talk to each other. This ‘synchronized security’ has received much traction amongst our customer base and we see a lot of success there. 

EDR is more of a sexy jargon or is it here to stay? 

EDR is in a traditional hype cycle but it is a reality across globe and APJ region too. Security vendors need to do better detection and response to translate into forensics to find root cause, so that companies know how to respond in future. Sometimes it is a human issue. In case of phishing attacks, the recent one on Wipro highlights that no one – even highly fortified organizations – are well adept in security. 

The human factor is usually the weakest point and hence it’s about importance of cyber awareness to employees, conducting phishing campaigns internally and educating employees to make better decisions. 

Network security in cloud age demands more intelligence like AI and new technologies to ward off newer threats. How is Sophos coping on this front?  

We are emerging very strong in the marketplace with Sophos XG platform. And another version later this year will help companies be more scalable. Our secret sauce is not only our ability to offer a robust firewall or the next generation firewall, but provide a platform that allows several controls to be integrated and communicate with each other. Sophos synchronized security can be viewed as ‘security as a system’ with the endpoint talking to the network. Not many vendors can claim to provide that platform that also talks about TCO, data visibility, and compliance. 

Sophos made two acquisitions since I joined – DarkBites and Avid Secure. With workloads moving on public cloud, there is a lack of visibility and compliance. If one out of six servers will have potential issues, according to statistics, how can one actually identify and protect them better? We are very excited about the recently launched web cloud optix technology. Sophos is pursuing a holistic approach to the security world, not just selling firewalls or endpoint. 

*/ /*–>*/   Our secret sauce is not only our ability to offer a robust firewall or the next generation firewall, but provide a platform that allows several controls to be integrated and communicate with each other. That’s Sophos synchronized security. Gavin Struthers Regional Vice President, APJ, Sophos

So which organizations across APJ are biting the ‘synchronized security’ bullet? What’s the next big thing after the successful Intercept X launch few years back?

The synchronized security story is resonating strongly across all areas, but particularly in the mid-market. The sub 1000-user organizations are struggling with expertise and resources to deliver security across endpoint, network and cloud. I wouldn’t pinpoint to any one particular vertical because it cuts across the board. 

We continue to add more capabilities to Intercept X. The launch of EDR solution last year is going very well for us and the cloud optix offering that provides more capability. And you will hear more on the managed detection and response space that helps the customers with incident response, root cause analysis and forensics to understand what happened and fortify that it doesn’t happen again. 

Sophos competes with vendors such as Fortinet, SonicWall and Palo Alto Networks, Fire Eye. What’s your optimal competitive landscape and will hardware security appliances (firewalls) get extinct?

It is a huge and very fragmented market with several players, however, there’s enough room for everyone to be successful. We continue to focus on our success in mid-market and SMB, which we call mid-tier enterprise or pragmatic enterprise. But, we sell into large enterprises too as we are secure many customers with hundreds of thousands of devices. 

There’s still a long horizon wherein hardware (appliances) will be sold in the market. However now there is a healthy mix of virtualized hardware and controls in the cloud. For example, Cloud Optix is a pure SaaS, non-intrusive offering to move on public cloud instance, that helps know visibility, compliance and protection of your data.

Endpoint security business has been bit of a challenge for Sophos especially in countries like India, compared to the growth in network security, any new plans to bump up the endpoint security revenues in those regions? 

Because of the dominance of Cyberoam (Sophos acquired India-bred Cyberoam in 2014) business, we have a skewed mix leaning towards network security in some regions like India. But our endpoint business is growing well globally and in APJ. Some of our well entrenched network partners do bit of endpoint security as we continue to train thousands of partners on the overall security portfolio. 

We’ve got specialized resources on endpoint security for the sales team and also partners through better training activities. As partners are driven by profitability, we make sure our program offers the incentives – deal registration, rebates or aggressive rewards program. We offer additional rewards for endpoint security to our partners.

With cloud picking up pace, we are identifying and working with partners to offer a broad platform approach for their customers, help them land and expand opportunity for their business, both on revenue and profitability.

Channel partners want to know the long term roadmap of vendors than product features as they implement digital transformation for their customers. Do you also see that demand? 

Yes. They like to hear about the direction of the security industry and the areas of importance for their customers. With the hype of tech terms in the market, channel partners expect pragmatic advice from security vendors than just the current roadmap. 

We provide training around the context of an area, or a use case or a customer challenge. We help partners articulate the context of their customer challenge, or the typical approach to their problem besides the discussion around product features. It’s no longer a product push in modern tech world but an approach of process and technology. I believe the industry could be blamed to have been too product-centric for a long time, than business outcome-centric.

Your do’s and don’ts for CIOs or CISOs on their security strategy? 

Security is an economic issue which should be approached like risk and risk management. We’re seeing CISOs making security a priority. The boards across many companies are increasing their security budgets. And, it starts with people first through cyber awareness programs, assessing your state of security, ensuring a frameworks approach. 

The basic hygiene like current patching, educating users on threats is followed by most of the larger organizations, but we need to help midsize organizations on that aspect more effectively.

Your top of the line priorities as APJ Chief at Sophos for 2019 and 2020.

In our new financial layer, it is a three pillar strategy around people, partners and execution excellence. But it’s underpinned on doing everything that’s better, faster and more fun in our business. We aim to add an element of excitement to make our business plan better and execute it with the agility that is required to drive growth business.  

And of course, we will continue to focus on ‘synchronized security’ platform for 2019 and 2020. Sophos is approaching security as a system, where each component communicates and updates one another, to provide a more comprehensive approach to a security framework.