Sophos X-Ops Debuts to Thwart Complex Cyberattacks
Joe Levy on How New Expert Service Can Stop Sophisticated Attackers in Their Tracks
Ransomware operators, crypto miners and initial access brokers are increasingly targeting the same networks for compromise, creating a new and complex set of challenges for defenders.
In response, Oxford, U.K.-based Sophos has brought together three teams of cybersecurity experts within its own organization to help businesses better defend against constantly changing cyberattacks. Joe Levy, Sophos' chief technology and product officer, tells Information Security Media Group the creation of Sophos X-Ops will put the company on more equal footing against fast-moving adversaries (see: Sophos Buys Startup SOC.OS to Spot Attacker Activity Sooner).
"You need to have security operations teams that can run at scale and you need to have a data science team that works really closely with this security operations center," Levy says. "And then you need to have a labs function that is actually able to perform the analysis and push this new threat intelligence into production. And that led us to the conclusion that we have to have a structure like Sophos X-Ops."
In a conversation with ISMG, Levy also discusses:
- Why the changing threat landscape necessitates a new response;
- The importance of bringing AI into the SOC;
- Real-world examples of what Sophos X-Ops can solve.
Levy leads the company's technology and product strategy worldwide, driving product and services vision and innovation to enable Sophos to deliver better cybersecurity outcomes. He has more than 25 years of leadership and development expertise, focusing on cybersecurity. Prior to Sophos, Levy was CTO for Blue Coat Systems following the company's May 2013 acquisition of security analytics pioneer Solera Networks, where he had served as CTO since 2008. Prior to Solera, he was CTO of SonicWall, where he led research and development teams with concentrations in the areas of next-generation firewalls, deep packet inspection, cryptography and secure remote access.