Sophos Rapid Response cyber security service. (Image: Sophos)
The Sophos Rapid Response service targets organisations that do not have the resources to maintain its own cyber security response team, and offers round-the-clock responders and analysts.News18.com Last Updated: November 05, 2020, 18:08 ISTFOLLOW US ON:
Cyber security consultancy firm Sophos has announced the setting up of Sophos Rapid Response. Calling it an “industry first” service, Sophos claims that it is a remote threat incident response service that can be onboarded to a company within hours, provides around the clock service, and can help organisations control escalating cyber attacks of varying nature. Sophos claims its expertise in battling ransomware can help organisations prevent major financial and data damage in case of severe ransomware attacks, the way global ransomware campaigns such as Ryuk and Maze have impacted organisations across the world.
Think of this as a bodyguard service, but for your data. The Sophos Rapid Response service works on a fixed fee, 45-day engagement model, which organisations can renew as per requirements. It comes as a response to the growing ecosystem of malware as a service products being circulated among cyber criminals, which essentially offer cyber attackers with ready to deploy tools that cash in on zero-day vulnerabilities and IT infrastructure gaps. They then infiltrate organisation networks, steal or encrypt their data, and then drop the main ransomware payload in order to demand for hefty ransoms. It is this that Sophos’ Rapid Response team will reportedly investigate on, to ensure that there are no irregularities in company networks – including files that are being downloaded to servers.
Peter Mackenzie, incident response manager at Sophos, said on the matter, “Readily accessible tools make it possible for attackers to net bigger pay-outs in one week’s worth of work than most people will make in their lifetime. Criminals infiltrate networks and stealthily plan their attacks in the background, before strategically launching ransomware as the final payload – often during the overnight hours when no one is watching in order to execute on as many machines as possible.”
The Sophos Rapid Response service is certainly just one of the first in the world to introduce threat hunters and analysts as part of a subscription service. With a growing variety of cyber threats around the world, such cyber security services will likely become common and increasingly important – particularly for smaller organisations that may not have the bandwidth to implement round-the-clock active network monitoring of its servers. Such organisations typically leave it to security tools that often take too long to update their signature certificates and databases, as a result of which zero-day threats easily bypass the cyber security filters.