ARN

Filling the cybersecurity skills gap for customers

By Charles de Jesus, Channels Director, ANZ, Sophos

Digital transformation for driving business growth is a key focus for many organisations. While the pandemic-driven rapid adoption of emerging technologies and increased connectivity could be seen as a positive move for many businesses and their customers, this increase in connectivity widens the door on cybersecurity risks.

According to the Australian Cyber Security Centre, self-reported losses from cybercrime totaled more than $33 billion during the 2021 financial year.

And recent high-profile data breaches go to show that if the large ‘trusted’ organisations can fall victim to cybercrime, small organisations could be at even greater risk.

How is the skills gap creating a security gap?

As cybercriminals become increasingly sophisticated, security upgrades can seem to be never ending, requiring dedicated resources to keep up with the demand. However, recruiting cybersecurity professionals in Australia has been a challenge due to the skills shortage.

In fact, Sophos’ The Future of Cybersecurity in Asia Pacific and Japan report highlights that skills shortages continue to be a key concern for  Australian organisations in 2022. Sixty-five per cent of firms expect to have problems with recruiting cybersecurity employees over the coming 24 months, with 15 per cent facing a major challenge.

In addition, a global report from Sophos states that 54% of IT managers say cyberattacks are now too advanced for their IT team to deal with on their own. Additionally, 69% experienced an increase in IT security workload.

Ever-evolving threats combined with a lack of in-house cybersecurity skills has seen the rise of cybersecurity-as-a-service (CSaaS) to help organisations deploy proactive defenses without the need to grow IT resources. By outsourcing or augmenting IT teams to include managed cybersecurity services, organisations can mitigate attacks before they occur.

A Managed Detection and Response (MDR) solution is a CSaaS solution that takes an “active monitoring” approach, notifying of an attack and advising on the necessary steps to mitigate the threat.

MDR is more than just a watchdog - it actively monitors and takes action to combat human-led attacks with human-led defenses. The expert team of threat hunters – from analysts to engineers, inventors to ethical hackers – are on the hunt for threats 24/7 and can detect and stop attacks that a business’ existing infrastructure may struggle to spot.

Sophos MDR is built on our Intercept X Advanced with EDR technology and fuses machine learning (ML) technology with expert analysis for improved threat hunting and detection, deeper investigation of alerts, and targeted actions to eliminate threats with speed and precision. The result is what we call a “machine-accelerated human response”. The team will get terminal access to take the appropriate action on behalf of the customer against the cyberthreat.

What’s in it for channel partners?

As a channel partner protecting your clients from the latest cyberattacks is top priority. However, having the right tools, people, processes and knowledge in-house to effectively compete with the current cybersecurity climate, is an ongoing challenge for both you and your customers.

If you or your customer builds a security operations centre (SOC), not only can it be financially draining, but also result in a complex system made up of multiple vendors, leaving holes for attackers to sneak through. By implementing Sophos MDR, you can leverage Sophos’ expertise to supplement or complement your services to customers to ensure round-the-clock support and the active protection they need in today’s climate.

The ever-growing frequency of ransomware attacks has piqued the interest of insurance providers. In the event of a ransomware attack if your customer’s cybersecurity insurer believes weak cybersecurity practices have created gaps in their cybersecurity posture, the insurer might not absorb the risk and may have grounds to not pay. Sophos MDR can help you educate your customers and identify any weak points so they can be addressed and mitigated to meet insurance obligations.

Allowing Sophos MDR to defend and take action takes away the worry of cyberattacks for businesses of all sizes. You can learn more about Sophos MDR here and to read more about the benefits of being a Sophos partner, here.