Sophos, a renowned global frontrunner in pioneering and delivering cybersecurity through service, introduced its groundbreaking offering – the Sophos Incident Response Retainer. This new service gives organizations swift access to Sophos’ pioneering incident response service, which operates on a fixed-cost basis and encompasses 45 days of round-the-clock Managed Detection and Response (MDR).
By eliminating bureaucratic hurdles, this retainer empowers Sophos’ incident responders to promptly engage in active cyberattack scenarios, conducting investigations and implementing remedies. Furthermore, the retainer encompasses external vulnerability scanning and essential preparedness guidance. This equips organizations to proactively enhance their existing security resilience by identifying and rectifying issues that could otherwise result in breaches.
In an era where the duration of attacker presence is progressively contracting – a finding unveiled in the newly released 2023 Active Adversary Report for Tech Leaders by Sophos – the swiftness of detecting and eradicating adversaries is pivotal in minimizing damage and effectively thwarting malicious endgame objectives like data breaches and ransomware. The report underscores that the median time adversaries remain undetected has continued to plummet, decreasing from 10 days in 2022 to merely eight days in the first half of 2023. Notably, for ransomware attacks alone, the interval between initial access and impact has dwindled from nine days to just five. Adversaries exhibit a preference for executing attacks at night and on weekends in their targets’ local time, with a mere 9.6% of ransomware incidents occurring during regular business hours. The report highlights that the most frequent attack times were Fridays between 11 p.m. and midnight, according to the local time of the targeted entities.
Rob Harrison, Vice President of Product Management at Sophos, emphasized the importance of incident response retainers, describing them as preemptive measures enabling organizations to ready themselves for the quickest possible response to counter ongoing cyberattacks. In the backdrop of intricate heterogeneous computing environments, skill scarcities, evolving attacker tactics, and the requisites of cyber insurance, Harrison stressed that pre-established incident response plans have become indispensable. He noted that tangible preparedness now stands as a pivotal element of cyber resilience. Harrison further stated, “Sophos’ mission is to halt ongoing attacks instantly and ensure complete remediation, regardless of the duration required. We are the sole security provider offering such high-caliber retainer services for urgent security incidents.”
Chris Kissel, Research Vice President for Security and Trust Products at IDC, highlighted the criticality of a proficient incident response team, noting that despite significant investments in cybersecurity tools, a substantial 65% of organizations suffered significant breaches in the past year. Kissel emphasized that addressing unforeseen cyberattacks demands expediency, comes with stress, and incurs substantial financial commitments. He noted that the most effective way to curtail time, costs, and the repercussions of a breach is to have a seasoned incident response team in place and prepared before adversaries strike.
The Sophos Incident Response Retainer is accessible through three tiers via Sophos’ global partners. This offering is open not only to existing Sophos customers benefiting from the company’s extensive array of innovative security products, including endpoint, network, and email security, but also to non-Sophos customers. Notably, Sophos MDR Essentials users can also avail themselves of this retainer. For existing Sophos customers, the retainer encompasses additional services like endpoint configuration health checks and device audits. Organizations seeking comprehensive services in a consolidated package can opt for Sophos MDR Complete, which inherently includes full-scale incident response.
Jonny Scott, Vendor Alliance Manager at Phoenix Software, expressed enthusiasm for the Sophos incident response retainer, deeming it an invaluable resource for partners to empower customers in proactively augmenting their cyber defenses. He lauded the fixed-cost pricing model of Sophos Incident Response, acknowledging the dynamic nature of attack scenarios and the rapid accrual of costs. Scott highlighted the comprehensive assortment of features within the retainer – spanning from vulnerability scans and breach prevention to having an expert team on standby 24/7, ready to confront adversaries – which renders it an essential asset.