August 2019

To understand the need for Endpoint Detection and Response (EDR), let’s begin by discussing the cybersecurity environment. To give a sense of scale, our own cybersecurity experts in SophosLabs process 500,000 never-seen-before malware samples each day. In 2018, the National Institute of Standards and Technology (NIST) reported that 16,451 software vulnerabilities were discovered. The challenge […]

Ransomware has recently vaulted to the top of the news again, as devastating attacks continue to impact government, education and business operations in many jurisdictions, particularly in the United States. These attacks start in a number of ways – some start with a phishing email, others begin with hackers leveraging vulnerabilities in networking stacks to

For the 11th time in the last 11 reports, Sophos has been named a Leader in the 2019 Gartner Magic Quadrant for Endpoint Protection Platforms. What makes Sophos a Leader? We believe our placement is driven by our strong endpoint protection, real-world endpoint detection and response (EDR) usability, as well as our unifying platform, Sophos

A corporate data security policy that sets out how valuable information should be handled will be ineffective unless it’s consistently and accurately enforced. Organisations often have a written policy that’s available on their company intranet and handed to new starters. In practice, however, employees are rarely sure how to apply it to their daily activities.

By classifying data according to its value or sensitivity, organisations can reduce the risk of security breaches by ensuring that appropriate protections are implemented and consistently enforced. Having identified your ‘crown jewels’, and other data that needs safeguarding, it’s time to carry out a discovery exercise to find out exactly what you’ve got, where it

Using data classification as part of a strategy to secure corporate data assets is sometimes referred to as ‘locking up the crown jewels’. But data security neither starts nor ends with the act of controlling access to information. Nor should a security policy be limited to protecting only the most valuable data; even less critical

Despite the past year’s global focus on GDPR and other data privacy regulations designed to give consumers more power over their data, more than half (55 percent) of consumers still don’t know how brands are using their data, according to the Acquia survey of more than 1,000 U.S.-based consumers. On top of that, 65 percent don’t even

Earlier this year the North Carolina county of Cabarrus in the U.S.A. was hit by a BEC scam, incurring loses to the tune of over $1.7m. Sadly, this is just one example of an increasingly common – and devastating – attack. Business Email Compromise (BEC) is where cybercriminals combine social engineering with phishing techniques to

Artificial intelligence and machine learning are persistently in the headlines with rich debate over its next advances. Will cybercriminals further leverage machine learning to craft attacks? Can defenders build a machine learning model capable of detecting all malware? We believe machine learning is an essential and critical piece of cybersecurity, but it must be only