Sophos unifies threat analysis and response units into X-Ops team

Sophos unifies threat analysis and response units into X-Ops team

Cyber security vendor has reorganised three prominent organisational teams into a single new entity, for more efficient responses to modern threats.

Credit: Dreamstime

Sophos has reorganised its SophosLabs, Sophos SecOps and Sophos AI teams into an umbrella group called Sophos X-Ops, in order to provide a more unified response to advanced threats.

The cyber security vendor said that while its security teams routinely share information among themselves, the creation of the X-Ops team makes that process faster and more streamlined.

According to Joe Levy, CTO and chief product officer at Sophos, the new organisational move is a recognition of the fact that the threat landscape has changed rapidly of late, and that there's an increasing need for collaboration.

"Modern cyber security is becoming a highly interactive team sport, and as the industry has matured, necessary analysis, engineering and investigative specialisations have emerged," he said in a statement. "Attackers are often too organised and too advanced to combat without the unique combined expertise and operational efficiency of a joint task force like Sophos X-Ops."

Sophos said that the new team helps it combat cyberthreats more holistically, combining threat intelligence, ransomware mitigation, and law enforcement liaison to address the causes and effects of cyber crime.

It's an organisational idea taken, in some part, from the criminal side of the cybercrime equation, according to IDC research vice president Craig Robinson.

"The adversary community has figured out how to work together to commoditise certain parts of attacks while simultaneously creating new ways to evade detection and taking advantage of weaknesses in any software to mass exploit it," he said in a Sophos press release. 

"The Sophos X-Ops umbrella is a noted example of stealing a page from the cyber miscreants' tactics by allowing cross-collaboration amongst different internal threat intelligence groups."

Forrester vice president and principal analyst Jeff Pollard said that this type of reorganisation isn't uncommon, and reflects an understanding that siloed teams frequently have different incentives and pull in different directions, to the detriment of the company's overall effort.

"For example, teams that aren't working with the same incentives may lead to researchers that find amazing but impractical exploits, operations teams saddled with tools that do not focus on Analyst Experience (AX), and data scientists that find brand new ways to confirm old knowledge," he said.

Tags sophoscyber security

Show Comments