Sophos Managed Threat Response (MTR) provides 24/7 threat hunting, detection, and response capabilities delivered by an expert team as a fully-managed service.
Modern threats are becoming incredibly advanced, and attackers are using what Sophos and Chess classify as ‘living off the land’ – they utilise the legitimate applications run in an organisation for malicious purpose, i.e. what the Anti-Virus will not detect. MTR provides the human element and detects the threats that the software cannot identify.
Why would organisations require a solution such as MTR?
Often the companies that fall victim to an attack have invested in anti-virus solutions and back-up. However, there is a difference between ransomware and a hacking attack – while the first would be an automated software, the latter is done by an actual cybersecurity criminal who exploits any possible vulnerabilities within your network to gain internal access before launching an attack manually.
What are the most common attacks?
While ransomware, viruses, phishing and spear phishing (a phishing attack targeting a specific individual) are still very high up on the list, we more and more see a combination of these to penetrate a network.
For example, hackers can obtain access to senior members’ calendar and launch a phishing campaign asking to transfer money urgently while the CEO/ CFO are getting on a plane unavailable to confirm.
What are the main benefits of MTR?
MTR is not limited to just reacting to suspicious activity, but also it involves threat hunting proactively and investigating suspicious behaviours on the network.
One of the root causes of incidents in organisations is unprotected devices, which can then be exploited to identify further vulnerabilities within the network. Through MTR, you can identify all devices on the networks, including the ones that are unprotected, to take precautions.
Is having this human-led security better?
The best approach is in combination with automated tools and human expertise. Machine learning helps to scan large quantities of data, but humans will identify the patterns that the AI will have missed, and recommend actions.
Ensuring maximum security in itself is a difficult task for the average IT manager who often faces resource challenges. Nowadays, they are more like a GP and like the doctor can refer you to a specialist.
For more information about Managed Threat Response, get in touch with your Relationship Manager, or contact us on 0330 107 1860.