Incident Response, MDR

Sophos Offers Incident Response Services Retainer

Sophos is providing an Incident Response Services Retainer to help organizations investigate and remediate cyberattacks, according to the company.

The retainer is available through three tiers of Sophos partners worldwide, the company said.

Sophos Retainer Explained

The Incident Response Services Retainer is a fixed-cost annual subscription that gives organizations on-demand access to incident response experts who protect against cyberattacks, Sophos noted.

Along with access to incident response experts, the retainer's features include:

  • Pre-arranged and discounted incident response service rates and conditions
  • Vulnerability assessment reporting
  • Monthly threat intelligence briefings

Reducing Attacker Dwell Time

The median attacker dwell time was eight days for all attacks in the first seven months of 2023, according to research included in the "Active Adversary Report for Tech Leaders 2023" from the Sophos X-Ops advanced threat response joint task force.

Other notable findings from the report:

  • Ransomware was the most prevalent attack found by X-Ops researchers across Sophos Incident Response cases and accounted for 69% of investigated cases.
  • The median attacker dwell time for ransomware attacks was five days.
  • 43% of ransomware attacks were reported on a Friday or Saturday.  
  • It took approximately 16 hours on average for attackers to reach Microsoft Active Directory (AD).  

Meanwhile, the Incident Response Services Retainer allows organizations to work with Sophos incident response experts to hunt for, respond to and remediate attacks across their multi-vendor environments, the company noted. In doing so, the retainer helps organizations pinpoint and resolve security issues before they lead to data breaches.

Sophos Continues to Promote the Use of MDR

The Incident Response Services Retainer launch comes after Sophos in July 2023 released an MDR for Microsoft Defender solution. Organizations can use this solution in conjunction with cloud, endpoint, identity and other Microsoft Security solutions to safeguard their data, Sophos said.

ASophos in July 2023 partnered with Cysurance, a risk mitigation company that insures, warranties and certifies security solutions. Together, Sophos and Cysurance are providing fixed-price cyber insurance to U.S. organizations that use Sophos MDR, the companies stated.

Sophos delivers MDR and incident response services used to protect more than 500,000 organizations globally. The company offers a partner program for MSSPs, MSPs and other technology providers as well.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.