Sophos

Singapore is one of the world’s most technologically advanced nations and a hub for finance and commerce and, as such, takes cybersecurity seriously. However, as cyber threats proliferate it is proving challenging for organisations to find the capabilities to counter them.

Adding to this stress are the new penalties introduced late last year. Since October 2022, an organisation in Singapore that is found to be in breach of its obligation to protect and care for customer data is liable for a fine of 10% of its organisation annual turnover if the annual turnover is more than $10 million. For businesses with a turnover of less than $10 million, the fine is $1 million – a business-ending outcome for many small enterprises.

The range of threats is growing

As highlighted in the recent Sophos 2023 Threat Report, the breadth and depth of security threats are increasing.  The report notes cybercrime is becoming much more accessible to a broader range of people: “Just as information technology companies have shifted to ‘as-a-service’ offerings, so has the cybercrime ecosystem. Access brokers, ransomware, information-stealing malware, malware delivery, and other elements of cybercrime operations have lowered barriers to entry for would-be cybercriminals.”

Now, there’s also the emergence of artificial intelligence (AI) tools that can help cybercriminals right down to the coding level. Despite the best efforts of developers to recognise and prevent AI tools from being used to generate malicious code, cybercriminals are finding their way around such limitations. It’s only a matter of time before dedicated “ChatGPT for hacking” tools are created and distributed underground.

Shortage of skilled cybersecurity professionals leaves gaping hole in defences

At the same time, there are severe cybersecurity skills shortages across the APAC (Asia-Pacific) region, including Singapore. This is making it difficult for businesses to build the internal resources needed to meet cybersecurity obligations and reduce risk. The APAC region faces a shortage of 2.16 million cybersecurity professionals, and while the Singaporean government is offering scholarships to help boost numbers, it is unlikely this will immediately address the shortfall.

As organisations realise they are unlikely to be able to find the full cybersecurity team they need to handle the growing threats, many are turning to cybersecurity as a service to fill the gap. This is driving spending on managed security services, which is contributing to the 9.8% CAGR (compound annual growth rate) forecasted for overall cybersecurity spending in Singapore through to 2025.

Why cybersecurity as a service may be the answer

A popular form of cybersecurity as a service is managed detection and response (MDR), whereby the provider offers 24/7 threat hunting on behalf of the organisation. However, not all managed security solutions are equal. In many cases, an organisation will adopt an MDR solution to monitor their environment only to discover that when an attack or suspicious event occurs, the “response” only applies to a notification sent. The organisation’s internal IT team still needs to address the threat.

Sophos’ MDR, on the other hand, comprises an experienced team of threat hunters and response experts who will actively neutralise threats on a customer’s behalf ensuring that suspicious activity is stopped in its tracks.

Collaboration and clear communication are the keys to stopping attacks in their tracks

Another challenge that many organisations face when adopting managed services is that the service provider will “take over” and make arbitrary decisions without first consulting with its clients. This can result in confusion or disruption when it’s not properly communicated. Sophos, meanwhile, takes a collaborative approach where the MDR team will notify the organisation before taking any response actions.

A holistic approach will close the gaps

Traditionally, adopting cybersecurity as a service is complex with MDR usually handled in one of two ways:

  • MDR providers use the customer’s existing technology with select and heavily curated third-party technology integrations.
  • MDR providers only deliver services through their own proprietary endpoint detection and response (EDR) technology.

In both cases, the customer is left with complexity and the need to manage at least part of their security environment internally.

Sophos’ MDR solves this by bringing together third-party security capabilities that, in combination with Sophos’ own solutions, cover endpoint, firewall, cloud, identity, email, and other key security solutions. This means the customer can simply deploy the Sophos solution and trust that it has holistic coverage without needing to plug any gaps not covered by the managed service.

Learn more about the Sophos Managed Detection and Response service here.