Sophos on MSP Challenges, Cybersecurity Solutions, and Future Trends in Cyber Insurance

Integrator Media had an exclusive interview with Gerard Allison, SVP, Sales EMEA at Sophos. We delved into key challenges faced by Managed Service Providers (MSPs) in staying current with cybersecurity solutions. Sophos outlines their strategies for maintaining effective security measures against evolving threats and discusses the types of threat intelligence they provide to partners and MSPs. We discussed how Sopho’s Partner Care program aligns with global partner program enhancements and offers insights into future trends in cyber insurance adoption.

What are the biggest challenges MSPs face in staying current with cyber security solutions and technologies in the present scenario?

All MSPs face a common challenge today, the vast array of security products available in the market. Their biggest challenge is how to review, service, install, and deliver these products as a service. This issue is exacerbated by a global shortage of cybersecurity skills, which is even more prevalent in the Middle East region.

There is a skill shortage among customers, so when they have security products, often there is nobody available to monitor these products, check for alerts, and handle remediation. The same challenge exists for MSPs, who are limited by the number of products they can manage. Therefore, MSPs are seeking platforms that integrate multiple technologies and can be delivered as a service.

What Sophos excels at, unlike any other vendor, is being vendor-agnostic. If you are already working with another vendor, you don’t have to discard their product. Our managed detection response overlays existing solutions, helping MSPs deliver their services more effectively.

How does Sophos ensure its security solutions stay effective against the ever-changing cyber threats?

With 37 years of heritage starting in the endpoint, Sophos has established significant credibility in the market. We have ex-ops teams and threat intelligence hunters who continually monitor market trends. Our data lake collects all relevant market information, which we use to inform our customers.

Globally, we serve 580,000 customers, making us one of the largest providers. Our MDR (Managed Detection Response) solution alone has over 22,000 customers within just two years, surpassing the combined customer base of all other MDR companies. This extensive reach allows us to observe and protect a broad range of environments, ensuring comprehensive security for all our customers.  

What type of threat intelligence does the Sophos ex-ops unit provide to partners and MSPs?

We provide threat intelligence directly through our managed detection response (MDR) services. We manage and monitor their network, detect threats, and respond immediately to the customer. Alternatively, we can support an MSP’s SOC by conducting threat hunting and incident response. In the event of an incident, we promptly notify and guide them through resolving the issue. We offer flexible solutions, either handling everything or providing specific components as needed by the customer.

What is the most overlooked cybersecurity best practice that leads to successful cyber-attacks in this region?

Numerous factors contribute to security, but the most critical are people and training. It is essential for companies to ensure that employees are regularly updated on current threats and are aware of basic security practices, such as recognizing phishing attempts. Almost every company has likely experienced an employee clicking on a malicious link, highlighting the ongoing need for comprehensive training in our security efforts.

Do you believe that many companies lack a robust cybersecurity awareness culture?

It is making progress, but there is room for significant improvement. Cybersecurity awareness should not be a checkbox exercise; it is essential for every employee across every company to grasp the basics, benefiting everyone.

 However, training cannot be a one-time event. It must be continuous and ongoing because threats are evolving, including machine-to-machine challenges, reflecting a changing landscape. Human nature dictates that people forget, so regular education and reminders are crucial to reinforce cybersecurity practices effectively.

How does the lack of internal cybersecurity expertise affect both MSPs and their clients in terms of their respective organizations?

In MSPs, the shortage of skills means they lack sufficient time. For instance, at cybersecurity exhibitions like GITEX, hundreds of new companies emerge annually. MSPs are inundated with calls about new products every day or week. Without enough skilled personnel to evaluate these products and conduct proof-of-concepts (POCs), they struggle to keep up with reviewing new technologies.

This skill gap underscores the importance of being vendor-agnostic like Sophos, allowing MSPs to integrate existing solutions without discarding them. Sophos can overlay existing infrastructure or provide a comprehensive platform covering firewall and network security, alleviating the burden on MSPs who cannot manage everything alone due to limited resources.

While MSPs may have personnel, ensuring they are adequately skilled across various domains remains a challenge. In response, there is a concerted effort to enhance Sophos training in the region, with ongoing discussions and plans for regular training sessions hosted by distributors such as Starlink and Logicom in Riyadh and Dubai, both in-person and virtually.

How does the Sophos partner care program align with the overall enhancements in the Sophos global partner program?

Our partner program has received positive feedback for its strong educational resources, competitive margins, and effective deal registration processes. We recently introduced Partner Care as a crucial addition. Partner Care ensures rapid response times, with SLAs guaranteeing that partners worldwide receive immediate assistance when they contact us by email or phone on the same day.

Partner Care handles various needs such as license adjustments and customer inquiries about their licenses or expiration dates. It also supports partners with deal registrations, a significant benefit. Our Partner Portal further empowers partners to become self-sufficient, enabling quicker customer service by facilitating streamlined operations directly within the portal. Ultimately, speed and responsiveness are paramount, and our Partner Care program is designed to meet these demands effectively.

What future trends does Sophos predict in the adoption of cyber insurance and how it will impact companies’ cybersecurity measures?

Cyber insurance is a growing market and will become crucial for businesses to consider. For CFOs and CEOs, having cyber insurance provides clear protection for their data and safeguards the core identity of their company. Interestingly, many companies haven’t budgeted for cyber insurance initially, so the decision often boils down to weighing the cost against the risk.

A notable advantage of having an MDR solution like Sophos is that it can lead to significant discounts on cyber insurance. Insurance providers typically inquire about the cybersecurity measures in place, including monitoring capabilities. By leveraging cybersecurity-as-a-service with continuous 24/7 monitoring, companies can reassure insurers, potentially lowering their premiums.