Project Galileo is still ongoing and critical to company's success: Sophos
By Goh Thean Eu September 29, 2016
- Sophos Central is a result of Project Galileo
- It simplifies the combating of cyber threats, and allows faster response time when an incident hits an organisation
ABOUT two years ago, UK-based IT security company Sophos announced it was embarking a so-called Project Galileo.
The project is essentially about integrating endpoint and network security, and it involves providing 'four dimensions' of security.
However, over the past year, there were not many news on Project Galileo -- which raises the question if the company has abandoned the project.
"Project Galileo is an ongoing thing internally. In fact, some of the products we launched over the recent months are the result of the project," said Sophos Asia Pacific technology solutions director Justin Peters during a media briefing in Kuala Lumpur recently.
According to its then chief technology officer Gerhard Eschelbeck, who is currently Google's VP of security and privacy engineering, the concept of Project Galileo was a game changer. He said that most IT security vendors are only offering two-dimensional security.
The first dimension of security involves "what is coming into the device or what kind of content is being downloaded", while the second dimension involves monitoring the behaviour of application.
In order to provide four dimensions of security, the security solutions must also be able to identify what kind of traffic is emitting from a device, as well as to understand what is happening to the device over time.
"That's important. If you look at some of the high profile attacks, what happens is after they are known to have been compromised, it would be determined that the event that led to the compromise happened three to five months back, but was unidentified and undetected at that time," said Eschelbeck then.
Synchronising security management
Peters with his team from Sophos APAC and South East Asia came to Kuala Lumpur recently, and shared the company's new cloud-based management platform dubbed Sophos Central.
Sophos Central is an integrated management platform that simplifies the administration of multiple Sophos products and enables more efficient business management for its partners.
"Sophos Central is part of the product that comes as a result of our efforts in Project Galileo," said Peters.
The integrated security platform of Sophos Central has three core components: Sophos Central - Admin, Sophos Central - Partner and Sophos Central - Self Service.
Sophos Central - Admin, previously known as Sophos Cloud, allows IT to manage all their Sophos products in one console including endpoint, server, mobile, web and others.
Sophos Central - Partner, formerly known as 'partner dashboard' allows partners to manage their Sophos licensing, identify and track cross-sell or upsell opportunities.
Meanwhile, the Sophos Central - Self Service is expected to be launch later this year. The solution allows end users to manage quarantined email, self-service device provisioning, as well as the secure configuration of wireless access points and hotspots.
The idea of launching these solutions is to make combating cyber threats, and managing them as easy as possible.
"We see too many customers crushed under an avalanche of security tools that are too complex to manage effectively. Sophos Central simplifies this for partners and customers by bringing their Sophos products into one management platform. The synchronised real-time information sharing enables a faster response to incidents and improved security for organizations of all sizes," Peters said.
Ransomware and Cryptoware
During the briefing, Peters said that ransomware and cryptoware threats are on the rise, and that it is wrong to perceive that these threats will only affects certain type of devices.
"I think there is a blanket misconception that Apple products do not get malware attacks. In fact, there is an increasing variants to cyber-attacks. With the growing Internet of Things trend, there will be more attack surfaces available as there are more platforms that transfer data across various devices," he said.
He added that cybercriminals are also using encryption to extort money from victims.
"As we seen in a lot of cases in the region, ransomware and cryptoware have been prevalent recently. There's not enough skills in the industry, the rate that it progresses makes it very hard for an individual IT person or a small team to keep up to date with these challenges," said Peters.