A hearty welcome to all Cyberoamers!

It’s a good day for Naked Security to say, “G’day!”

That’s because today, Sophos announced that it has acquired Cyberoam, a fellow player in the network security market.

So we’d like to send out a big “Hello” to all our new customers, channel partners and colleagues from the Cyberoam side of the business, and say, “Welcome to Sophos!”

As you can imagine, the business, finance and sales guys are all super-excited. (Please take a look at what the Sophos and Cyberoam CEOs have to say on sophos.com).

We agree that this is a great opportunity for everyone – customers, channel partners and colleagues – because, in straight-talking business terms:

The transaction results in two highly successful companies joining forces, and ideally positions the combined company to succeed in the dynamic and fast growing network security market.

But there’s more to it than that for the techies in both companies.

That’s because we’ll be joining forces against the cybercrooks, too.

As has become painfully obvious lately, modern cybercrime usually relies on the crooks being able to exploit a broad range of security problems to achieve their final goal.

Sophos already has a suite of products that offer what’s known as defence in depth, where the crooks only get in if they can bypass multiple defensive layers, one-by-one, without being spotted at any stage.

But Cyberoam brings us yet more layers of defence, notably to do with SIEM, and with granular, user-based network security control.

→ SIEM stands for Security Information and Event Management, and it means that you take all of the logging data that you or your software invariably collects anyway, and actually do something with it that helps you catch attackers before, during, or at worst shortly after, an attempt at incursion.

In the recent Target breach, for instance, the crooks relied on at least the following holes:

  • Insecure remote login practices by a third party, allowing the attackers to login from outside, apparently without triggering any alarms.
  • Poor or no network segregation, so that logging in as one sort of user (from a project management company) gave crooks a level of access suitable for a very different sort of user (from a payment card software company).
  • Weak security in an application that gave high privileges but with a hard-wired, well-known password.
  • Poor or no change control on cash registers, allowing them to be infected with data stealing malware, again apparently without triggering any alarms.

Both Cyberoam and Sophos products alone, correctly used, can prevent attacks of this sort at multiple points.

But with Sophos and Cyberoam combined, the crooks will have to get over yet more hurdles – and to avoid knocking any of them down, or even rattling them along the way – to win.

So that’s part of the fun we’ll have working with the new members of Sophos’s technical family: the technological aspects of joining forces for stronger defence.

That’s not the only fun, of course: there’s also the “ideas” part, because we’ll all have new-found colleagues to talk to in order to come up with new ways of taking the fight to the Bad Guys.

I’m something of a Sophos veteran, having been around for all Sophos’s acquisitions so far.

I’m happy to say, thanks to the careful consideration that has gone into our acquisitions to ensure good technical match-ups, that the most exciting times have been whenever a bunch of new, research-minded colleagues have come along.

There’s nothing quite like living in interesting times, especially if you work with interesting people.

Bring it on!

Oh, and to repeat what we said at the start, “Welcome to Sophos, all Cyberoamers!”