I recently celebrated my 25th work anniversary at Sophos and so I have spent some time reflecting on how much the cyberthreat landscape has changed over the past 25 years.
In 1997, after responding to an advert in the Oxford Times and joining Sophos as employee number 49, I initially worked at our global HQ in Oxfordshire for six years before relocating to Nottinghamshire. I began to specialise in helping the company’s public sector clients (incl. housing providers) stay secure against the ever-increasing number of cybersecurity threats. Little would we know at the end of 1997 just how huge the volume and complexity of threats would become. At this point, there were only around 13,000 viruses in existence, macro viruses were beginning to make their mark and the first native Windows NT virus, Cabanas, emerged. Headlines reported a 40 per cent increase in the number of viruses year on year.
25 years later…
Fast-forward a quarter of a century and many things have changed but many others have stayed the same. We no longer log on to the internet via dial-up and hear that oh-so-distinctive handshake sound, and smartphones, tablets and all types of devices now connect to the internet and make everyday life more productive in so many ways.
At Sophos, where tens of millions of malicious ‘binaries’ are seen daily, we employ over 4,000 people and protect over half a million organisations across the world, including a large and growing number of UK housing providers.
This period of momentous change in the scale and complexity of cyberthreats has been matched by the rapid adoption of digital transformation technologies in the housing sector.
Husbanding your resources
It’s an oft-quoted truism that it’s vital for housing providers to focus on how efficiently and intelligently they can use their limited resources, whether people, technology or money, to achieve tenant satisfaction. It’s common sense to embrace new technologies such as AI and machine learning to automate tasks if they can be handled successfully (and sometimes better) without human involvement (e.g. the reporting, coordination and monitoring of repair services).
With cyberattacks, such as ransomware, becoming increasingly prevalent and complex, housing providers’ IT teams are under constant pressure to monitor every aspect of their organisation. Today’s threat landscape requires them to monitor threat activity and high volumes of security alerts and false positives around the clock. This can feel overwhelming if you don’t have a large team of cyber analysts – something that very few, if any, housing providers have the luxury of. Cybersecurity requires an active defence strategy to prevent incursions from doing damage, and the burden of defence is too high for many housing providers to manage themselves.
Thankfully, this is where today’s solutions differ from those that were prevalent when I started working at Sophos. An active cyber defence is no longer just about making sure that you’ve deployed the latest antivirus identity files. True active defence requires threat hunting to stop incidents before they do real damage and incident response capabilities if you’re hit. Subscribing to ‘cybersecurity as a service’ now gives you a way out of trying to cope with ‘alert fatigue’ and the lack of visibility that plagues smaller IT teams; it allows you to extend the capabilities of your own IT staff with a team of experts.
Managed detection & response
Many housing providers have already realised that teaming up with Sophos’s Managed Detection and Response (MDR) specialists provides the protection and peace of mind that they are missing in their cybersecurity strategy. Sophos MDR is a fully-managed service delivered by our experts who detect and respond to cyberattacks targeting your computers, servers, networks, cloud workloads, email accounts and more.
One of our public sector clients using our MDR service said, “The resources and capacity in our team of ten staff is limited, and the Sophos MDR service delivers cybersecurity protection that we can’t provide in-house. With round-the-clock cover, we’ve peace of mind and are confident that we have the best protection.”
To make use of the service, you don’t have to just use Sophos’ integrated security tools, you can also continue using any other vendors’ solutions or a combination.
As growing numbers of housing providers subscribe to the MDR service, the ‘community immunity’ increases. As we spot a threat in one organisation, we can then proactively search others to see if they are also being targeted. Thanks to the vast amount of telemetry that we gather from all those customers, we are much better placed than a third-party security operations centre (SOC) to keep you secure.
As we’ve discussed, we’ve come a long way from the days when I started out in cybersecurity. As a result, things are becoming ever more challenging to manage without outside help.
Cybercrime as a business…
But what will the future bring? Well, the cybercriminal economy has transformed into an industry. As organisations such as Sophos have moved to ‘as a service’ offerings, the cybercrime ecosystem has done the same. Access brokers, ransomware, information-stealing malware and other elements of cybercrime operations have lowered their barriers to entry for would-be cybercriminals. All of this means that as we start 2023, one thing that we can be sure of is that the threats you face will keep coming thick and fast, and you are likely to need the help of a third-party expert service such as Sophos MDR.
Jonathan Lee is the director of public sector relations at Sophos.