Exclusive Interview - Sophos’ next-level AI security solution

31 Jan 2018

Sophos claims their new cybersecurity offering for SMBs is “the best bar-none” thanks to its comprehensive deep learning AI approach.

ChannelLife sits down with Sophos Australia and New Zealand general manager Ashley Wearne to talk proof, and how partners can gain from this advanced tech.

How does Sophos operate in the A/NZ region?

The only way we go to market is through the channel. Our focus is on distribution to businesses.

Can you talk a bit about Sophos’ new offering?

We have announced a product designed specifically for SMBs and their partners that we believe is the best endpoint protection in the market, bar-none.

Intercept X came out last year to stop ransomware at the same time as the WannaCry attack. As a result, it became the most successful product in Sophos’ history.

Now we have upgraded it again by inserting deep learning neural networks - a type of machine learning that is far more advanced than anything on the market so far.

Now, we’re a British company so normally we say that we have an offering that is quite good, but this time we’re willing to say, "we have the best offering available."

What will this change mean for channel partners?

It is a fantastic opportunity as our software sits alongside current solutions to increase clients' security. You don’t need to rip out your old systems for it to work.

75% of those attacked are running up-to-date endpoint protection and are still hit by ransomware. Those products clearly aren’t working.

People know what ransomware is and 80% of people surveyed believe that they will be hit. That’s a huge client market.

How can channel partners capitalise on this product?

This is a very simple product to use and sell because we know that it won’t make money if it is complicated. A customer can click on a link for a 30-day trial and it just installs the trial there and then.

The partner can see how it is working from their office so they can use that information at the end of the trial. Once the trial is completed, the customer pays online and it’s done. It is as simple to sell and install as possible.

We know this is a good model because it is building on the success of the prior version of Intercept.

Our approach is all designed for partners to answer their clients' questions and to make them money.

It seems like AI has only just hit the cybersecurity market. How is deep learning AI different to other ‘next-gen’ offerings?

Machine learning in the past has been clumsy and large because it works using a series of decision trees.

It takes 100-500 milliseconds to figure out which files are potentially good or bad and results in a 500MB-1GB file. With our offering, we’re talking about 10 milliseconds and 10MB-20MB.

The old machine learning also provided a lot of false positives and blocked too much. What we did was load up all previous attacks and feed them to the software.

You loaded up all the attacks since when?

Well, ever. We loaded every attack that has ever been seen.

We have a big research department that went through and labelled these attacks very accurately. We have identified 27 fundamental techniques that hackers use and our new approach identifies these techniques and stops hackers and ransomware, as well as malware.

Is this an extension of the current models of machine learning in cybersecurity?

This is the next generation. The current models have limitations, they become ineffective quickly and so we knew we needed something different.

That’s why we looked at deep learning, which was already being used by Google and Microsoft in a variety of different ways.

The trouble is that it initially consumes immense amounts of data, so our advantage was our computing power and space to run data during production at Sophos, which produced the algorithms that sit on a computer. It’s actually quite spooky some of the things that it can do.

Could you describe one of these spooky things?

After one day we already have 130,000 endpoints running this product, and in one day it has already picked up more than a dozen cases of a DoublePulsar attack, which is a tool used by the NSA and stolen by hackers last year. The software had never seen that attack before and is already able to prevent it.

50% of companies were hit by ransomware last year. Of those, most were attacked twice. A lot of people have to pay which generates huge amounts of revenue for hackers and that’s why it will continue to be a threat.

This tool will stop ransomware, other exploit utilisation, as well as attacks that have never been seen before.

That’s a bold statement.

It is. A bold statement from a bashful company.
