Firms today lack coordinated, 'context-aware' security

Businesses need security tools that are integrated, coordinated, and able to communicate with each other across the network to provide unified "context-aware" protection, says Sophos CTO.

Businesses today are still lacking security tools that are integrated, coordinated, and able to communicate with each other across the network to provide "context-aware" protection.

Security today is way complex and needs to be simplified so organizations can more efficiently manage as well as protect their networks, said Gerhard Eschelbeck, CTO and senior vice president at Sophos. Speaking at a media luncheon in Singapore this week, he noted that most security tools today are unable to communicate with each other in order to make better informed decisions on how to deal with potential risks. 

There should be more integration as well as coordination so they can share intelligence and be "context-aware", Eschelbeck said, referring to Sophos' latest development project, dubbed Project Galileo. It's touted to close the communication gap and help correlate alerts and incidents that may be occurring at different parts of the network, including the end-points. 

Describing Galileo as having "4D security" where most security today are only 2D, he said the product strategy will encompass various Sophos tools that cut across the entire network and are able to communicate and exchange information with each other. This will enable better automation so the right action can be taken as soon as possible and malicious hackers can be stopped before they can do any real damage, he said. 

It addresses the disparate layers of security that most companies operate today, and manages various elements such as policy enforcement, malware detection, and threat response as a unified effort to decide the most appropriate course of action. 

Galileo is further lauded to have the the ability to enable an organization to run its security infrastructure as a cohesive unit to combat cyberattacks. 

The first set of Sophos products and features coming out of Project Galileo will be ready over the next six months, with new releases to be made available in a three-month cycle. Eschelbeck added that these new offerings will only integrate and work exclusively with Sophos products, but the IT security vendor plans to release APIs (application programming interfaces) eventually to allow other security products to work with its Galileo releases. This, however, is unlikely to happen within the first year as Sophos will need time to first ensure the stability and robustness of the new products, before opening up the APIs, he said.

"Security is more effective as a system," he said, noting that very often, security breaches are the result of "simple oversights" that hackers are always quick to exploit. These risks can be mitigated with a security framework that is integrated, coordinated, and context-aware, he added. 

And this is especially critical for mid-market organizations, with employee size of between 100 and 1,000, which typically lack the resources to have dedicated IT security personnel, said Stuart Fisher, Asia-Pacific regional vice president and managing director at Sophos.

The vendor targets customers in this segment because enterprises in this market are spending more of their budget on security systems, which are becoming increasingly disparate, and realizing the need to consolidate and deploy more integrated tools, Fisher said. This presents opportunities for Sophos to address with Galileo, he added.