Security Operations , Security Operations Center (SOC)

Sophos X-Ops Debuts to Thwart Complex Cyberattacks

Joe Levy on How New Expert Service Can Stop Sophisticated Attackers in Their Tracks
Joe Levy, chief technology and product officer, Sophos

Ransomware operators, crypto miners and initial access brokers are increasingly targeting the same networks for compromise, creating a new and complex set of challenges for defenders.

See Also: 13 Essential Criteria to Consider For Cyber Resilience in IR & SoC Teams

In response, Oxford, U.K.-based Sophos has brought together three teams of cybersecurity experts within its own organization to help businesses better defend against constantly changing cyberattacks. Joe Levy, Sophos' chief technology and product officer, tells Information Security Media Group the creation of Sophos X-Ops will put the company on more equal footing against fast-moving adversaries (see: Sophos Buys Startup SOC.OS to Spot Attacker Activity Sooner).

"You need to have security operations teams that can run at scale and you need to have a data science team that works really closely with this security operations center," Levy says. "And then you need to have a labs function that is actually able to perform the analysis and push this new threat intelligence into production. And that led us to the conclusion that we have to have a structure like Sophos X-Ops."

In a conversation with ISMG, Levy also discusses:

  • Why the changing threat landscape necessitates a new response;
  • The importance of bringing AI into the SOC;
  • Real-world examples of what Sophos X-Ops can solve.

Levy leads the company's technology and product strategy worldwide, driving product and services vision and innovation to enable Sophos to deliver better cybersecurity outcomes. He has more than 25 years of leadership and development expertise, focusing on cybersecurity. Prior to Sophos, Levy was CTO for Blue Coat Systems following the company's May 2013 acquisition of security analytics pioneer Solera Networks, where he had served as CTO since 2008. Prior to Solera, he was CTO of SonicWall, where he led research and development teams with concentrations in the areas of next-generation firewalls, deep packet inspection, cryptography and secure remote access.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.