Organizations are nowadays more susceptible to cyber attacks due to a vast (and often poorly secured) modern attack surface. This extends far beyond traditional on-premises IT infrastructure; it's affecting a growing number of external and internet-facing assets, as well.
The Sophos Active Adversary Report identified three critical steps to mitigate the risk of cyber attacks, including ransomware.
The first is to restrict remote desktop protocol, or RDP, access: Leaving RDP – a protocol for remote device control – exposed creates a prime entry point for attackers. The second is to enable MFA because MFA adds an extra layer of security beyond passwords, which makes unauthorized access more difficult.
Third is to patch vulnerable servers. Unpatched vulnerabilities in server software are a common exploit for attackers. Consistent patching is essential for maintaining a secure environment.
By prioritizing these measures, organizations reduce their attack surface and bolster their defenses against cyber attacks. And Sophos has a solution that can do all three thanks to a strategic partnership with Exposure Management company Tenable. Through the partnership, the two will provide Sophos Managed Risk, a worldwide vulnerability and attack surface management service.
Sophos Managed Risk offers several key benefits to help organizations manage their external attack surface.
It provides External Attack Surface Management. This means it identifies and classifies internet-facing assets, including web and email servers, web applications and public-facing API endpoints. This creates a clear picture of an organization's digital footprint.
Sophos Managed Risk offers continuous monitoring and proactive notification. The service will actively monitor these assets and promptly notify the organization when a new critical vulnerability is discovered. This allows for swift action to address the threat before it can be exploited.
Lastly, Sophos Managed Risk prioritizes vulnerabilities. It quickly identifies high-risk vulnerabilities and zero-day threats. The service then provides real-time notification to make certain that critical internet-facing assets are addressed in order of importance. This helps organizations focus their resources on the most pressing threats.
“Sophos and Tenable are two industry security leaders coming together to address urgent, pervasive security challenges that organizations continuously struggle to control,” said Rob Harrison, Senior Vice President for Endpoint and Security Operations Product Management at Sophos. “We know from Sophos’ worldwide survey data that 32% of ransomware attacks start with an unpatched vulnerability and that these attacks are the most expensive to remediate. The ideal security layers to prevent these issues include an active approach to improving security postures by minimizing the chances of a breach with Sophos Managed Risk, Sophos Endpoint and 24x7 Sophos MDR coverage.”
The new service features a dedicated Sophos team that leverages Tenable's exposure management technology and collaborates with the security operations experts from Sophos Managed Detection and Response to provide attack surface visibility, continuous risk monitoring, vulnerability prioritization, investigation and proactive notification designed to prevent cyber attacks.
“A winning approach includes risk-based prioritization with context-driven analytics to proactively address exposures before they become a problem,” said Greg Goetz, Vice President of Global Strategic Partners and MSSPs, Tenable. “Sophos Managed Risk, powered by the Tenable One Exposure Management Platform, delivers outsourced preventive risk management, enabling organizations to anticipate attacks and reduce cyber risk.”
Sophos Managed Risk is available with a term license through Sophos’ global network of channel partners and MSPs. A Sophos MSP Flex version will be available in 2024.
Edited by
Alex Passett