Nmedia - Fotolia

Sophos CTO benefitting from channel insights

The channel is being given a chance to provide Sophos with advice over future product strategy, which is something its CTO is grateful for

Cyber security is a subject that has the potential to keep anyone worried about protecting data wide awake at night and understandably those responsible for crafting the defences that millions of users rely on are no different worrying about just what the future might hold.

Every day opening a newspaper or logging onto a new site holds the promise of providing some information of the latest breach and yet more examples of large and small firms that have fallen victims to the latest threats.

For the channel the good news is that there cannot be many customers that entertain the idea of reducing the IT security budget. The challenge though is working out just what solutions to pitch to customers desperate to feel safer.

Joe Levy, CTO of Sophos, is aware of all of the fears that surround the growth in the connected world and IoT, but it is the danger of encrypted data that worries him right now.

With the prospect of more and more data becoming encrypted there is a challenge as a security company being able to grasp that data and make sure that the nasty things that the criminals have also sent to attack the network can be detected and disrupted.

If everything is encrypted then it is going to be very difficult for security vendors to keep users protected and as that issue takes shape there will be many hours that could have been spent asleep being spent thinking about a solution to that particular problem.

He also spares some thoughts for the growing threat from IoT and wearables because the addition of more mobile devices widens the attack surface and gives customers and channel partners more things to think about and protect.

The way that Levy and Sophos are looking to make sure that customers are protected and resellers can sell in confidence is to link up protection of all parts of the business to gain a more holistic picture of what is happening across the enterprise.

If the end point activity can also be linked with the internal network defences then it is going to be easier to not only get a more complete picture of what is happening but also harder for the hackers to find a weak link to exploit.

"We started to learn about the network capabilities and the end point capabilities and we have made substantial progress on linking the network and the endpoint," he said.

That becomes even more important given the growth of mobile and cloud and the addition of even more end points that the business will need to protect, from the PC in a worker's home to the smart watch connecting to the email server.

"All are performing silent and regular updates and if there is insufficient security it is possible for someone to install malware on the home network," and Levy is not impressed with the defences that most people have around those network vulnerabilities.

Sophos is busy working on developing the solutions that will meet the needs of those customers looking for security to cover a wide surface area and has only just taken the wraps off its synchronised security to endpoints and networks with its Security Heartbeat approach.

The vendor has produced the XG series of next generation firewalls and UTMs, which makes it possible to see what is happening inside and on the edge of the business making it quicker to link the two and make it much harder for coordinated attacks to get through.

The channel will have played a major role in shaping the final release of those XG products. Levy recently attended a channel CTO session where the technical experts from a number of partners get together with the product teams at the vendor and talk about just what is coming down the pipeline.

Sophos has been listening to partners like this for a while and is prepared to take feedback and change its products and many of the improvements in functionality, to meet the needs of SME customers in particular, have come as a result of the channel CTO sessions.

"There is no substitute for that. In the absence of this direct dialogue we would become an echo chamber and that is not a good way to do things," added Levy, "The channels have wonderful ideas on product improvements."

Early Days

Having joined Sophos in February of this year it is still fairly early days for Joe Levy in his time as Sophos CTO but he comes to the role with a wealth of experience in the IT industry.

His career started at an integrator and involved developing firewalls to protect enterprises from the threats of the day. He then enjoyed working at some start-ups and and saw them grow into acquisition targets. His time in that part of the industry has given him familiarity with managed services and just what it takes to bring products to market.

His CV also includes some time as CTO at SonicWALL and then he held the same position at Blue Coat Systems, which he had joined after it bought out his former employer Solera. Less than  two years after that acquisition he got the call to consider making the move to Sophos.

Sophos has always boasted of being 100% channel and the openness it has with partners is part of a culture that views resellers as true partners with a real value to add to the business.

Levy acknowledges that the work of his colleagues in the global channel team have helped create a stable and trusting relationship and the strong indirect culture had been one of the benefits he had discovered came with working at Sophos.

When it comes to the fight against cyber criminals he is optimistic that the battle is being fought as hard as it could be by an industry determined to protect customer data.

"You win some days and you lose others. Every battle provides intelligence and there are benefits from lessons learnt. The criminals are in the business of coming up with ways to evade security vendors. I would like to think I am creating a harder environment and forcing them to find another source of work," he says.

Read more on Data Protection Services