- Sophos Retainer Cuts Red-Tape, Allowing Sophos Incident Responders to Quickly Investigate and Remediate Active Attacks
- Shorter Attacker Dwell Times Require Faster Response, as Indicated in Sophos’ New Active Adversary Report for Tech Leaders
Sophos, a prominent global leader in pioneering and providing cybersecurity as a service, has introduced its latest offering: the Sophos Incident Response Retainer.
This innovative solution offers organizations swift access to Sophos’ cutting-edge fixed-cost incident response service, inclusive of 45 days of continuous 24/7 Managed Detection and Response (MDR).
By streamlining processes, the retainer empowers Sophos’ incident responders to rapidly engage with ongoing cyberattacks for thorough investigation and effective resolution.
The package also encompasses external vulnerability scanning and essential preparedness guidance, enabling organizations to proactively enhance their existing security posture by identifying and addressing vulnerabilities that could potentially lead to breaches.
In a time when the duration attackers remain undetected is progressively diminishing, as highlighted in the recently published 2023 Active Adversary Report for Tech Leaders by Sophos, the speed at which adversaries are located and expelled is of paramount importance in minimizing harm and thwarting malicious agendas like data breaches and ransomware.
The report discloses that the median time adversaries stay undetected continued to decrease, dwindling from 10 days in 2022 to a mere eight days in the first half of 2023.
For ransomware specifically, the period between initial infiltration and impact shrank from nine days to just five. Additionally, attackers demonstrated a preference for striking during off-hours and weekends, with only 9.6% of ransomware incidents occurring during typical business hours. The most frequent attack times were identified as Fridays between 11 p.m. and midnight, according to the targets’ respective local time zones.
Sophos Vice President of Product Management Rob Harrison, emphasized the importance of incident response retainers in bolstering organizations’ ability to mount swift countermeasures against ongoing cyberattacks.
“Incident response retainers help organizations prepare in advance for the fastest response time possible to defend against active cyberattacks,” said Harrison.
Given the complexity of modern computing environments, shortages in skills, evolving attacker tactics, and the stipulations of cyber insurance, having pre-established incident response strategies is crucial for all organizations.
Harrison noted that tangible readiness has become an integral facet of cyber resilience.
“Sophos’ objective is to promptly halt active attacks and ensure comprehensive remediation, regardless of the time required. We are the sole security vendor providing this caliber of retainer services for urgent security incidents,” he added.
Majority of Organisations Still Facing Threats
Highlighting the urgency of the matter, Chris Kissel, Research Vice President for Security and Trust Products at IDC, referenced IDC’s ransomware research, which indicated that 65% of organizations encountered significant breach incidents within the past year despite substantial investments in cybersecurity tools.
Kissel underscored that addressing unforeseen cyberattacks demands timeliness, incurs stress, and entails substantial financial commitments.
The most effective strategy to save time, curtail expenses, and mitigate the impact of breaches is to have a proficient incident response team on standby before attackers strike.
The Sophos Incident Response Retainer is accessible in three tiers through the firms global network of partners.
Distinguished by Sophos’ exceptional ability to proactively detect, respond to, and mitigate attacks within multi-vendor environments, the retainer is accessible not only to existing Sophos customers but also to non-Sophos clients.
This includes those already utilizing Sophos’ comprehensive range of innovative security products encompassing endpoints, networks, emails, and more, as well as Sophos MDR Essentials.
For current Sophos customers, the retainer also incorporates endpoint configuration health checks and device audits.
Organizations seeking comprehensive services in a unified package can opt for Sophos MDR Complete, which inherently includes comprehensive incident response capabilities.
Jonny Scott, Vendor Alliance Manager at Phoenix Software, praised the Sophos incident response retainer as an indispensable tool for partners to aid customers in proactively fortifying their cybersecurity defenses.
He highlighted the retainer’s ability to facilitate swift and decisive action during worst-case attack scenarios where every moment counts. Scott applauded the retainer’s fixed-cost pricing, which takes into account the distinct nature of each attack scenario and the rapid accumulation of costs.
The extensive array of resources included in the retainer, spanning from vulnerability scans and breach prevention to a team of adept experts available 24/7 for direct engagement with adversaries, solidifies its status as an essential asset.