Putting a firewall or antivirus is no longer enough to stop a cyberattack on a company. Protecting only the mail or the cloud or the data is not going to rid a company, large or small, of the tricks of cybercriminals.
The change in the business model of companies is, in turn, causing a transformation in the way cyberattacks occur. The implementation of teleworking, the massive transfer of systems to the cloud and the integration that companies are doing in these of the supply chains, suppliers, logistics or clients of other companies are creating new challenges from the point of view of cybersecurity .
Criminals are adapting to these changes and taking advantage of them. They have varied their techniques and have adopted a new method in which they combine automatic tools based on artificial intelligence with other more artisanal or manual ones. hands-on they call them, with which they advance little by little with persistence until they infiltrate the system. The attack and its consequences are then devastating.
This tool brings together automation and analysts to create continuously improving protection
“We are seeing that the solutions to protect companies have evolved a lot,” says Ricardo Maté, director of Sophos for Iberia and southern Europe, a company specialized in cybersecurity resources. Before, there were people who managed different components of cybersecurity. “Now a holistic solution is needed to protect companies, detect attacks before they occur and respond dynamically and more effectively without affecting the company,” he reflects.
Sophos’ tool for dealing with these changes is called the Adaptive Cybersecurity Ecosystem, ACE. It is about “a set of solutions that includes automation and analysts, in addition to the collective contribution of products, partners, Sophos customers and developers, to create continuously improving protection, a virtuous cycle of constant learning and progress, ”explains Maté.
The first one is Sophos Labs, a place where almost half a million samples of malware unique; To this is added a repository of all this accumulated information and, last but not least, artificial intelligence that is capable of predicting what is going to happen, making all this data available to clients in a proactive way.
Then “there is a whole layer of products that allows to protect all the components of the systems of any company, from workstations, servers, mobile devices, Wi-Fi, the cloud, etc.,” Maté summarizes. All this is managed From a single console, Sophos Central, which is hosted in the cloud, this avoids setting up a physical infrastructure in customer data centers.
This set is completed by what is called a data lake. Here all the information that comes out of these products is stored in a kind of history that is alive, since “with AI predictive searches are made to take immediate action against any potential attack”.
“All these products speak to each other and are capable of making predictive and proactive decisions by providing information to each other, in what we call synchronized security”, He points out.
It is a good solution for those SMEs that do not have too many resources
This adaptive cybersecurity ecosystem brings two final benefits. The first one is that these systems have a set of applications that allow any manufacturer to integrate their solutions through API’s, providing more value.
The second is particularly noteworthy in a business environment such as Spain, 98% made up of SMEs and micro-SMEs that do not have resources to allocate to cybersecurity. “From Sophos we offer them the possibility of carrying out all this monitoring 24 hours a day and seven days a week to look for threats and detect them before they are difficult to stop and there is no choice but to pay,” he says.
This ecosystem made up of various pieces that fit together to form a puzzle is what makes it “so unique and special,” he concludes.
If you want to know more details about the product, you can download here the tutorial prepared by Sophos.
In just one year, the average cost that companies have to face to fix the consequences of a security attack ransomware it’s been duplicated. It has gone from 760,000 dollars to 1.85 million.
It is only one of the data that the report contains The State of Ransomware 2021 compiled by Sophos from a survey of 5,400 companies in 30 countries around the world.
37% of the companies surveyed acknowledged having been affected by this type of attack in the last year. The largest and the sectors related to retail and education have been the most frequent targets of attacks. In Spain this percentage rises to 44%. The reinstatement costs $ 500,000.
However, attacks have been reduced compared to the previous year, since in 2020 the rate of affected companies stood at 51%. These data show that “the defenders are winning the battle against the attackers, we are making it more and more difficult every time”, highlights Ricardo Maté, director of Sophos for Iberia and southern Europe.
Even so, it recommends accepting that any company is susceptible to an attack and that it should be prevented by making backup copies, deploying layered protection, combining technology and human capacity, putting together a recovery plan for malware and refusing to pay the ransom.