Ben Love [00:00:03]:
Hello and welcome, everybody. Welcome to today’s webinar. Cybersecurity evolved, I should say. My name is Ben Love. I’m the managing director of Grassroots it and I’m joined here today by Geoff Morrison from Sophos. Good morning, Geoff.

Geoff Morrison [00:00:20]:
Good morning, Ben, and thanks everybody for joining. It’s great to be here today.

Ben Love [00:00:23]:
Fantastic. Now, I will hand over to Geoff in just a minute. But first, by way of introduction, Geoff has more than ten years of experience in the IT industry. Seven of those spent as an IT manager in the recruitment space and three years in management roles at a leading australian MSP, not grassroots it. Unfortunately, during his time in the industry, Geoff has been tasked with the design and management of various projects, helping organizations to reduce their year on year it spend and increase productivity and security. His experience has seen him work on the front line of it, including managing businesses end to end it infrastructure. As such, he has a thorough understanding of what businesses need to deliver on these cybersecurity objectives. Jeff, over to you.

Geoff Morrison [00:01:12]:
Thanks, Ben, and like I said before, thanks everybody for joining today. Just before I jump in to the content, I’d like everyone just to keep in mind something that I refer to as the three R’s. So while I discuss all the latest cyber trends and what we’re seeing with attackers and what they’re doing, just keep in mind the revenue implications. If what your business would happen, what would happen to your business if it was attacked, what would happen to your reputational damage and what type of regulation control would you come under? So would you need to report any.

Geoff Morrison [00:01:43]:
Type of breach to the privacy commissioner.

Geoff Morrison [00:01:46]:
Or to anyone else within the australian government? With that, I’m going to jump straight in and look at some of the latest statistics from our latest research that we’ve done with Vans and Braun. Who here has ever heard anyone in your own organization or outside at maybe a barbecue saying what are the real chances of an attack happening? To me, it’s a common question and especially with the australian mindset of us being on a remote island with no interest to an attacker. But this mindset has to change to an attacker. They don’t actually care where we are. We’ve got money and we’ve got an Internet presence, therefore we’re a target. And if we look at these stats that are shown here on the screen now, 74% of people surveyed out of Australia had suffered a public cloud security incident within the last twelve months. 69% were breached through a security misconfiguration and data security is the biggest security concern for customers with 74% of organizations using the public cloud, and I’m sure lots of people on the webinar today are also using the public cloud and may or may not even be aware that there’s this thing called the shared.

Geoff Morrison [00:02:57]:
Responsibility for the public cloud.

Geoff Morrison [00:03:00]:
It’s great that the platform is there for us to use, provided by your Microsoft and Amazon and Google of the world, but did you know that it’s your responsibility to make sure that that’s secured. It’s just their responsibility to give you the platform to host your data on. So that’s something else to keep in mind. Now, moving into the australian threat landscape. So what I’m showing you here is straight from our Sophos labs team, who is the mastermind essentially behind our Sophos products and is the data science team that makes sure that we’re protected and puts everything together. But what we’re seeing here is a breakdown of the threats that we’re seeing. So we’ve got advanced malware, which makes up 45% of attacks, and with that, we’re seeing those zero day attacks being launched. Those are ones that have just been discovered.

Geoff Morrison [00:03:49]:
No one’s released a patch to fix their product or fix their program, and they’ve got multiple stages to the attack, so they could be getting in through something called a worm or a trojan, maybe even through a PDF. And then essentially what they do is they use that to get into your organization and then take further steps underneath. So it has multiple layers, like I mentioned. But what it could be doing, it could be, say, getting onto your machines for a zero day attack might be stealing some credentials. So maybe those saved credentials within your chrome browser, and then it will maybe take your email addresses out of your outlook. And then as a nice thank you, on the way out, it’ll encrypt all your files and try to hold you at ransom. So not only is it stolen data, but now it’s actually trying to stop you from doing your job because it’s held your computer at ransom. There.

Geoff Morrison [00:04:36]:
We’ve then got a category of.

Ben Love [00:04:47]:
I’m sorry, we seem to have just lost Geoff’s audio there. Apologies. Geoff, are you there?

Geoff Morrison [00:05:11]:
And then move from endpoint to endpoint. Ben, just confirming you can still hear me there. My microphone has just decided to dial me.

Ben Love [00:05:27]:
That’s all right, Geoff, you’ve just come back for the audio for me now.

Geoff Morrison [00:05:31]:
Okay, where did I drop off?

Ben Love [00:05:35]:
You were talking about the second type of threat that we were talking about.

Geoff Morrison [00:05:39]:
Okay, so I’ll just backtrack there a little bit for you all. So, back to financial malware. Thanks for the responses there from David and Annie. So, financial malware is there to steal your banking credentials. So literally steals them either out of your browser or tries to take them while you’re entering them into your website. And that comes through the like of emotet, Bridex, and Trickbot. And you might not have heard of those things before, but I can guarantee you now that I’ve mentioned them, you’ll probably hear about them a lot more. We’ve then got active adversary, and that is there to get into your environment, maybe steal the IT admin password from someone, and then escalate itself to be the IT admin within the organization.

Geoff Morrison [00:06:22]:
So basically hold the crown, hold the keys to the castle, and then we’ll move laterally, which is called lateral movement. So we’ll move from computer to computer, and essentially, the end game there is to get onto your servers. And then we’ve got crypto mining. Crypto mining, that kind of jumps up anywhere from four to type of 20% is where we see the jumps, basically, depending on the price of cryptocurrency at the time. But that could be legitimate and malicious use of your cpu. So people do do it as a legitimate way to generate currency. There’s nothing wrong with that. Where it does become a problem is when this is used against your will or something that you haven’t asked for it to be done, and people are then using your computing power to generate digital currency on their behalf.

Geoff Morrison [00:07:06]:
And we see a lot of that within the cloud computing space, where people haven’t configured their security correctly in the cloud, because essentially, there’s no stop on the amount of resources they can use in the cloud. The only thing that’s going to stop you is your bill and maybe your credit card bouncing from all those resources. Then I thought I’d move it back into something a little bit closer to home. And I’m not Scott Morrison and not related to him at all, so don’t hold that against me throughout this webinar today. But him and the government released this thing called Advisory 2028 about a copy paste compromise. So originally, they got up in the news and said, hey, Australia is under a lot more attack than we’ve ever been, and we need to all be more vigilant. Our Sophos labs didn’t really see any type of rise in attack. We just saw different types of attacks happening due to Covid.

Geoff Morrison [00:07:59]:
Right. So now that everyone is away from the office, there’s more of an attack surface that attackers can get in. We’re all working from home or cafes wherever it may be now, more often. And so there’s more ways people can get into your network because you’re essentially not secured behind your corporate firewall and the safe walls of your office. This advisory came out that was called the copy paste compromise. They then released a whole bunch of tactics and techniques and also said to local councils in Victoria, especially the government down there, mandated and said, any local council, you’ve got to be able to search for these in your environment and make sure that you’re okay. Lots of places don’t have anything to be able to help them with that. Our InterceptX product with EDR can actually assist you to make sure that you don’t have any of those, what we call indicators of compromise.

Geoff Morrison [00:08:50]:
One way you can make sure that your organization is protected. Ensure that your patching is up to date across all your computers and servers. Mobiles also come into play there. Use multifactor authentication wherever you can. I know the guys from grassroots it talk about multifactor a lot. You probably get sick of them talking about it with you, but it’s really important to consider using that, not just for work, but also for personal. Myself, I look at any application that I’ve got, any website that has my credentials, and I make sure that is there an option for multifactor? If not, what else can I do to make sure that I’m secure? Also, don’t be afraid to report any type of breaches to the AcSE. The AcSE is actually here to help you.

Geoff Morrison [00:09:36]:
They’re not here to hinder you or penalize you in any way or shape or form. That’s the job of the privacy commissioner. But you also do need to consider the need to report to the privacy commissioner, because reporting costs far less than being found out about a breach as well. Now, with this slide, I’d like you all to think about and imagine that the Internet is just one big hallway full of multiple doors on either side, right? And leaving that door open, who knows what could happen to you or your organization if you’re not secured? And then we start to hear people talk about the ODS again. What are the ods of? Getting struck by lightning. Nearly one in 1 million dating a millionaire. Nearly one in 220. But experiencing a data breach, either personally or as a corporation, is one in four.

Geoff Morrison [00:10:27]:
So it’s really not if it’s going to happen to you anymore, it’s when it’s going to happen and how you can respond to that as an organization to make sure that you’re secure and have a response plan in place. Now, you might be thinking, why do people do this, Jeff? Why are people out there doing all these horrible, horrible things to me, my friends, and all these organizations that we’ve already spoken about? Well, why they’re doing it is because of the money they can make. If you look on this slide here, you can see that trade secrets and ip theft of your organization turns over an annual revenue of 500 billion usd. Ransomware alone is $1 billion industry. Now, we’d all love our businesses to be making this type of money. Unfortunately for us, we’re all here doing the right thing. It’s unfortunate how much money these cybercriminals are able to make and essentially use us against us. And they do it in really small increments.

Geoff Morrison [00:11:24]:
So you’re doing the right thing, right? So you actually pay for your Netflix account. You don’t use your brothers, your sisters, or your friends, but here you’re paying that monthly subscription. So they know that people are used to paying monthly subscription fees. And the criminals have thought about ways they can bring that into their own type of revenue streams. So what we’ve got here is, does anyone on the call today get those sms saying that your parcel is ready to pick up from Ozpost or your order from JB hi Fi? I get that one all the time from JB hi, telling me my order is ready. And unless my wife’s doing a lot more online shopping than I’m aware of, we haven’t ordered anything from JB hi Fi. And I look at that link on my phone, and it’s completely malicious to me. I pick that up straight away.

Geoff Morrison [00:12:07]:
But if someone wanted to run that campaign, they can jump onto the dark web, and that will cost them $20 a month to run that. You’ve got hacker for hire for $200 plus an hour. And then we’ve even got zero day threats like I spoke about before, those things that have just been discovered. You can pay up to $250,000 to get that latest zero day exploit from Apple. Now, hopefully there’s a couple of businesses on here that you recognize, and I’m not too sure if everyone was aware, but even as early as last month, the cybercriminals tried to stop us from drinking beer in Australia and by hacking lion Nathan. And that’s kind of when I got really angry. We’re in a pandemic. There is no time to be stopping the shortage of alcohol that people should be drinking at the moment.

Geoff Morrison [00:12:56]:
It’s just gone too far hacking other businesses, but stopping Australians from being able to drink beer is completely unpatriotic and something that we just won’t stand for. But all jokes aside, these businesses here are top of the big names that we’re seeing at the moment that have been subject to cyberattacks. Toll group, they’ve got hit twice this year already. Bluescope Steel got hit, and that meant a stop of their production systems that were halted company wide. And if you think back to those three r’s that I mentioned, think about the revenue, the reputation and the regulation impacts it would have on these businesses in such big organizations and brands. Toll group lost over 200gb of corporate data. Now, that’s something really to consider. They might have had some type of protection and thought, oh, we can get back from our backups from this ransomware event, but the fact is that these people have stolen corporate data.

Geoff Morrison [00:13:54]:
They’ve now released that. So that’s a privacy incident, but they’ll also try to hold you ransom for that as well. We’ll talk a little bit about that in a second with the likes of Mays ransomware. This is the type of ransomware that we’re seeing and at the moment that is there trying to steal your data. So like all types of ransomware, its main goal is to encrypt your files that it can infect on a system and then demand ransom from it. But what it also does is it takes a snippet like what happened to toll group and says, hey, we’ve taken this data. You can repair from your backups if that’s what you want to do. But just know that we’ll release this data if you don’t pay for us.

Geoff Morrison [00:14:35]:
And to a lot of organizations, that could be your seven secret herbs and spices. If you’re Kentucky fried chicken, that’s the real ip and that’s the main piece of your business. And if that was released, kind of think of the damage that that would have on your bottom line right now. Not all ransomware is all scary. There’s also some interesting ones that attack people on a personal level as well. So this is called leakware docswear or sextortion that it can be referred to. And what happens with this type of ransomware is they actually try to get you on a personal level. I’ve got a friend, and this is quite a funny story, and hopefully do apologize in advance if anyone takes offense, but my friend was caught online with his webcam on and possibly without his clothes on.

Geoff Morrison [00:15:21]:
Right. We’ll just leave it at that. And the people on the other side took advantage of that and they started recording him without his clothes on. They then came back to him a few days later and said, hey, we’ve got this video of you pay us $1,000 or we’re going to send this to your wife. He’s like, no, I’m not sending you any money. That’s ridiculous. Go away. Because he’s linked to his wife on Facebook.

Geoff Morrison [00:15:45]:
They found him, found that he was married to this lady. And lo and behold, we just happened to be at his place for a barbecue when these people contacted her on Facebook and said, hey, we tried to tell your husband, but he didn’t want to listen. So here’s a video without his clothes on. And obviously it escalated quite quickly and.

Geoff Morrison [00:16:06]:
Quite embarrassing for everyone that was at.

Geoff Morrison [00:16:07]:
That barbecue that day. We also got popcorn time ransomware. And this is kind of just interesting to note because of their way that they’re trying to get money out of you. So they’re using the referral system so you can get your money the fast and easy way by paying one bitcoin across to their wallet, or you can send a link below to other people. And if two or more of those people install and pay, they’ll decrypt your files for free. That’s kind of a good deal, right? You might be thinking, how are people running these things ransomware, Jeff? How are they doing this? Is everyone crafting it themselves or what are they doing? But actually what they’re doing is they’re jumping onto the dark web. And like I spoke about before, those services that people are running as a monthly service, you can sign up as a ransomware as a service for yourself. I highly recommend that you don’t.

Geoff Morrison [00:17:00]:
It is illegal, so please don’t start doing this. But this is how people are doing it. People are getting onto the dark web, running these types of services, and the people that host these services even give you a support ticket line. These people get back to you within 24 to 48 hours, which is a lot better than some of the large telcos that we’ve even got here in Australia. A couple of quick facts about ransomware. 48% of victims pay their ransomware, but it’s important to note that 30% of victims who do pay never actually get those decryption keys to decrypt their files. Now, what you’ve got to remember here is you are paying criminals. They’re not always going to do what they say they’re going to do and give you back those, the decryption keys.

Geoff Morrison [00:17:46]:
Right. 72% of victims were unable to access their data for two or more days. If this happened in your organization, what would that impact be? If you couldn’t invoice, raise purchase orders, or just even whatever your business may do, maybe you’re in production or whatever it may be. If you couldn’t work for two days, what’s that going to cost you as an organization? You’re still going to have to pay your staff. You’re still going to have to do everything else. Everything else will still be running, but you won’t be able to generate your own type of revenue. 58% of organizations cite that users have been the source of infection. And we’ve got some more stats around the australian data breaches, which will back up that as well, which I’ll show you shortly.

Geoff Morrison [00:18:35]:
I wanted to quickly run you through what a typical attack looks like. So I spoke about emotech at the start being a type of attack, and it’s actually one of the largest attacks that we’re still seeing to date. Back in 2018, the US Department of Homeland Services actually said it was the most destructive and costly attack in the US government right now. But what’s happening there, so we can see, starting with zero one, is it actually infiltrates your organization through a spam email. So those spam emails that we all get, someone’s clicked on it and then what’s happened there is it’s called home. So it’s registered on your computer and it’s reached out and said, hey, mom, hey, dad, here I am, I’ve landed. Let me know what to do next. And that’s something that we call a payload.

Geoff Morrison [00:19:19]:
It’ll then try to spread to other systems on your network. And don’t think that this is just limited to your computers. All smart devices, this could spread to across your network. Anything that’s supposed to be Internet connected, this could potentially get a foothold onto. Once it’s then spread and got a further foothold into your environment, it’ll then try to figure out what it’s trying to do. So it’ll then say, right, am I here to steal data? Do I want to take email addresses, usernames and passwords? Do I want to do a bot attack? So send spam to other organizations and try infect them? Or are we just going to do a payload, maybe do a bank introsion and install ransomware and hold this environment to ransom? Or are we going to do all three? Really depends on what the instructions that have been given out for the attack. You can see how quickly this can really start to spread and start to hurt organizations. Now, phishing has been around for forever, right? In 2016, we saw a massive explosion.

Geoff Morrison [00:20:23]:
And if you know cybersecurity, you’ll know why. Is because of the launch of ransomware. So phishing used to just be trying to sell online pharmaceuticals is basically what it used to do. That was never massive, and not a lot of people clicked it here in Australia, because we’ve got Medicare, right? So for Australians, a lot of our pharmaceuticals we can get from the chemist, and it’s quite affordable. But for Americans, it’s really not. So that’s where it was really targeted at. People that don’t have a great Medicare system like we do. But in 2016, because of ransomware, it then became a global economy using new services and tactiques that they can essentially now spread globally.

Geoff Morrison [00:21:00]:
Doesn’t matter what you’re trying to do, you click on that link, we’re going to encrypt your system and basically make money off you. Regardless, the latest stats from the notifiable databreak scheme have been released. And these are the stats. From January to June of 2020, there were 518 breaches. This figure is down 3% from the 532 in the previous six months, but are up 16% on the 447 notifications received during the period from January to June of 2019. Malicious and criminal attacks, including cyber incidents, are still the leading cause for data breaches. They account for 61% of all notifications. Data breaches resulting from human error account from 34% of breaches.

Geoff Morrison [00:21:51]:
The health sector is the highest reporting sector, notifying of 22% of all breaches. Finance is the second highest sector reporting of notifying of 14% of breaches. Most data breaches affected less than 100 individuals in line with previous reporting information. And contact information remains the most common type of personal information involved in a data breach. So phishing, clicking on those emails, it’s really important that we get people within our organizations to stop clicking on emails. We need to start to educate our staff and ourselves about what a fish email looks like, what a legitimate email looks like, compromised or stolen credentials, that’s another really big risk area. So that comes back to looking at password managers and using two FA and that type of stuff like Ben mentioned at the start. If you do have any questions, please continue to throw them into the chat.

Geoff Morrison [00:22:52]:
And I’ll definitely come back to those at the end because we should have some time to go over any questions today. We’ve then got passwords and this is related to credential theft. So using hard passwords for you to remember doesn’t actually change the outcome for an attacker. We need to be making sure that we’re using password managers. So even for your own personal life outside of the business, use a password manager. Three that I won’t endorse, but I could recommend I don’t get paid for it. Do what you want to do. Bitwarden, LastPass, and one password of three that you could use.

Geoff Morrison [00:23:29]:
And what they essentially do if you’ve never used a password manager before is you make one long password. So I would recommend a sentence, quote, or random words together to get into your password manager. From there, your password manager manages everything. So you will create a list of passwords that you need. There’s browser plugins to help you out with that. And then when you go to log into your banking portal, you’re not putting in passwords. Passwords aren’t saved in the browser. They’re saved in your password manager.

Geoff Morrison [00:23:58]:
Using the browser plugin, it’ll know that, hey, you’re on combank’s website and it’ll put your password in for you. Why password managers are important is because they’re making really long passwords that are really hard to crack. Different characters, letters, all types of things in there, something that you basically could never remember as a human, but that’s why. And every password is unique. So making sure that you don’t reuse credentials is really important in this because why so is, let’s say, my email, right? Jeff Morrison@softhos.com if I use the password, I love softos one, two, three, and my account gets breached, they can then go, oh, maybe Jeff uses I love softos one two three for his Facebook or Instagram or LinkedIn or whatever it may be, and then the attacker will start to hit you personally in different areas of your life that you didn’t think was possible. So it’s really important to make sure that you don’t reuse credentials there at all. A couple of tips for personal security. So Ben mentioned at the start, it’s are you okay day.

Geoff Morrison [00:25:07]:
So you’re having a conversation with people today to make sure they’re okay. Throw into that conversation, what’s your personal security like? Talk to your friends and your families and coworkers about this and make sure that everyone’s well across the real importance of personal and business security, consider using a VPN for connections from outside of your network. Use two factor authentication or two fa wherever you can. Personal devices. Make sure that you’re patching those and patching often. If an alert comes up on your iPhone tonight. Hey, we’ve got an update. Do the update when you go to bed.

Geoff Morrison [00:25:44]:
It’s not going to harm you, it’s not going to hurt you. You’re asleep. Let it update your phone, wake up and you’ll be fine to go. Don’t be afraid to speak up if you think you’ve been breached as well. A lot of people might click on that email and just go, nothing happened. I think we’re okay. But the chances are you’re probably not okay. Something may have happened.

Geoff Morrison [00:26:04]:
So alert the grassroots it people or a key it person in your life that can assist you with that. If it looks dodgy, chances that it is. And you can also check your own leaked data on this website here. So have I been owned? Apparently owned is now spelt with a pwned.com. Is the website there? And that’s open source. And the guy gets a lot of information from the dark web and puts it up for people to use. It’s just a regular website and there’s no types of concern with using that. Looking up for your own information with that, that wraps up the threat landscape update that I’ve put together for you today.

Geoff Morrison [00:26:44]:
And where I wanted to move into is now talking about the Sofos product set and how we can help you. So as a grassroots customer, I think Ben might jump in and correct me here if I’m wrong, but the majority of you would have our central endpoint protection. With our central endpoint protection, you also get web protection, which gives you category based web control on your laptops and computers no matter where they are. We’ve also got download, checking, web peripheral and application control anti malware. So basically protecting you against malware using our live protection, it’s also got automatic malware removal and something that we call here at Sophos called synchronized security, which I’ll talk about in a minute, which basically sends information from your computers to your firewall and eliminates threats throughout your network. So our endpoint protection is really our base level entry point into our endpoint protection these days. All of it is all backed by our Sophos Labs team. And just a little stat if you want to write it down.

Geoff Morrison [00:27:54]:
Our Sophos labs team sees over 500,000 new unseen threats every single day. We’ve then got our next level up of endpoint protection called Intercept X. With Intercept X, we’re not just relying on the signature updates like we do in our endpoint protection, this actually utilizes something that we call deep learning. With our deep learning, we’re actually able to stop those threats that we’ve never seen before. Based on what we’ve seen in the past. We also include things called exploit prevention, active adversary. And probably the biggest one here is ransomware protection. So with Intercept X, you actually get protection against ransomware, but it will not only detect and stop the ransomware, it’ll actually clean up after it.

Geoff Morrison [00:28:49]:
So probably a big threat now for a lot of organizations that aren’t using a product that can roll back from ransomware is we don’t back up our personal laptops for just staff in the organization. Right. We back up the servers and the kind of the crown jewels with this. This will make sure that if your laptop has the finance manager or one of the decision makers in your organization, if your laptop gets ransomware because of something you’ve done or something someone else has done in the organization, it’ll actually stop the encryption attack, clean it up, and roll it back to how it was without kind of any user interaction from anyone. We’ve also got disk and boot level protection. That’s another type of ransomware that we’re seeing a lot of at the moment. We can then take further steps. We can do safe browsing, which does man in the middle protection, essentially ensuring that if you’re visiting Google, it’s going straight through to Google and no one is sitting here in the middle kind of look at what you’re doing.

Geoff Morrison [00:29:47]:
We can also do application lockdown. We create these things called threat cases as well, which basically gives you a massive picture of what the threat was trying to do. What are the files that spoke to while the attack was active and will help you identifying if you do need to make a notification or breach to the privacy commissioner, because it will show you what files were involved, then we move on and we talk about the best protection for our networks. I think a few of you on the call today definitely have our XG firewalls with some, maybe not yet to go down that route, but essentially the XG firewall is definitely more than just your kind of basic router and giving you Internet connectivity. It’s been designed from the start to address top issues that network admins face with their existing firewalls. We offer affordable, flexible, and easy networking, so either internal or something you may have heard called SD WAN Remote and office branch network connectivity. We’ve also got Wi Fi included in our firewalls or at separate access points as well. The XG firewall offers the best visibility, protection and response of any type of firewall that we think in the market at the moment.

Geoff Morrison [00:31:01]:
And thirdly, the XG firewall offers unmatched protection, managing the day to day with our cloud management console that then you can use to manage all of your IT security products from in one place. Essentially it’s giving you great tools to simplify your life, having built in expertise, really helping you out to make sure that your organization is protected. We’ve also got protection for the cloud as well. So if any of you are running workloads in the cloud, I’m not talking about your office 365 or your type of typical email hosting. I’m actually talking about moving your servers from in house into the cloud. We can actually give you protection against that as well. So that’s with a program called Cloud Optics. Essentially what that is doing is that is giving you visibility, compliance and control about what’s in the cloud.

Geoff Morrison [00:31:52]:
So we’re using AI and automation to simplify compliance, governance and security monitoring. Essentially we stand up here above the cloud. You might call me Jesus. That’s okay. We’ll look into the cloud and see exactly what’s going on within your organization to make sure that it’s secure and what it’s been doing. We’ve also got a managed threat response organization, part of our business as well, which does 24/7 threat hunting, detection and response delivered by the Sophos team as a fully managed service for you. So what that’s going to do is that’s going to look through those threat cases that I spoke about, grab that copy paste compromise from the australian government and make sure that your organization is protected against that. Look for any indicators of attack.

Geoff Morrison [00:32:40]:
So if you’re thinking about your house, it would walk around your house or your IT environment, look for those broken windows and oh, what’s going on here? Let’s investigate that further. Is there an attack happening that hasn’t been detected? Great. What are the steps we need to take to stop that attack? That’s a 24/7 managed service for you. You can put it in full automate mode. We can work with the grassroots it team. It’s really up to you on how that works. And essentially we’re going to make sure that any threat that comes in, we’re going to neutralize that threat, give you an incident response plan on what steps were taken, or work with you to do that as well. I think with that, we’ve really got to stop looking at point products in cybersecurity and move to a full solution.

Geoff Morrison [00:33:24]:
You need to be thinking about moving to a solution that shares health status with each other, shares information on suspicious events found within your environment, and constantly responding to security incidents. And how do we do that at Sophos? I mentioned this at the start there with something called synchronized security in our security heartbeat. What we can do is this is a typical network setup that we’ve got here. It’s got the Internet, it’s got an XG firewall, it’s got your servers, it’s got our two management consoles, the XG firewall and Sophos Central. And it’s got our endpoints protected by Intercept X in this scenario. Right? With that, we can automatically detect that once an endpoint is in red health status, it’ll share that information back to the firewall and isolate itself. But then the firewall would jump in and say, hey, everyone else on the network, don’t go speak into Jeff’s laptop. He’s dirty.

Geoff Morrison [00:34:19]:
He’s got malware. Once the laptop’s been cleaned up, using Sophos clean and checked by the IT team to get added back in, we’ll then release that machine back onto the network. Right, so kind of gone are the days of the panic. Oh, there’s something happened on my machine. Let me rip out the network cables and start pulling out, turning off switches and doing all types of things. We essentially have automated that for you, and in under 8 seconds, we’re able to isolate that endpoint from the network, making sure that you’re completely secured. These are some other products that we’ve got here at Sophos as well. So we can also look at wireless web encryption, all these types of things.

Geoff Morrison [00:35:01]:
Everything’s managed through Sophos Central and backed by our Sophos labs team. Now, another thing that we wanted to do today for everyone on the call and all grassroots it customers, if you’ve got Sophos deployed in your environment, we’re actually going to offer out our Sophos home premium for free to everybody. So what I’d like you to do is really hassle Ben, make sure that he sets it up for you and your organization, and we can work with your Sophos account manager, Kevin as well, to get that happening. And essentially, we can do that for all of your users and staff in the organization. And that will give up to ten devices per user to go and use Sophos home in their own home life. And with that, I’d like to thank everybody for their time on the webinar today and just shoot across to see if we’ve got any questions either from Ben or from the field afar as well.

Ben Love [00:36:00]:
Thank you, Jeff. That was fantastic. We have no questions coming in on the chat at the moment, but that’s okay. I know how these things work. I expect a few in my inbox afterwards. I do want to say that the Sofos offering is very powerful and very unique because of that integrated security stack across multiple points. It’s not something that really is present with a lot of the other security vendors, so that’s why we find it such a compelling offer. And Jeff, before we wrap up, let me just say a very big thank you for the kind offer of that Sofos home to everybody listening.

Ben Love [00:36:38]:
That is a very legitimate and genuine offer there. If that is something you would like to offer to your staff to make sure their home computers are properly protected could be really good, especially if they are using their home computers to access work resources. Of course, please let me know. And I think without further ado, if there are no questions or comments from anybody, thank you again, Geoff. Thank you everybody for attending and have a lovely day.

Geoff Morrison [00:37:08]:
Thanks, everybody. All the best.