Project Galileo will be a game changer: Sophos CTO

• Most IT security vendors today only offering two-dimensional security
• 4D security is context-aware and multilayered, to be rolled out in stages

UK-based Sophos Ltd believes that its Project Galileo initiative, and the soon-to-be-launched security solutions under it, will be a ‘game-changer’ in the IT security landscape.
 
According to its chief technology officer Gerhard Eschelbeck, Project Galileo is part of Sophos’ move to integrate endpoint and network security, and basically involves providing ‘four dimensions’ of security.
 
“It is a very powerful concept and architecture that we will be launching,” Eschelbeck told a media briefing in Kuala Lumpur recently.
 
“I’m sure we will see companies doing similar things when we publicly announce this to the world,” he declared.
 
Galileo aims to provide context-aware security that combined endpoint and network security, according to Sophos.
 
“Instead of treating policy enforcement, threat prevention, compromise detection and threat response as independent tasks, Galileo recognises that these should all be part of a unified effort to protect users and data,” the company said on its blog when announcing the project.
 
Eschelbeck said that most IT security vendors today are only offering two-dimensional security, and they do this “pretty well.”
 
He said that the first dimension of security involves “what is coming into the device or what kind of content is being downloaded,” while the second dimension involves monitoring the behaviour of application.
 
“However, we believe that there is more we can do,” he argued.
 
In order to provide four dimensions of security, Sophos believes that solutions must also be able to identify what kind of traffic is emitting from a device, as well as to understand what is happening or has to the device over time.
 
“That’s important. If you look at some of the high-profile attacks, what happens is after they are known to have been compromised, it would be determined that the event that led to the compromise happened three to five months back, but was unidentified and undetected at the time.
 
“So the ability to understand what happened over time is absolutely crucial in providing protection in today’s environment,” said Eschelbeck.
 
“Those are the four dimensions that Project Galileo brings to the market, to the industry, and to customers. We want to be the pioneers and innovators in that space,” he added.
 
Rolling out in stages
 
Eschelbeck said that Sophos is expected to unveil its first Project Galileo solution some time towards the end of this year, while the other solutions will be introduced in phases next year.

The rollout of the entire suite of solutions could take about nine months.

Galileo will be rolled out in phases throughout Sophos’ different product lines, as extensions to its existing products, he added.
 
“In essence, Project Galileo is a set of extensions of existing products into a unified system,” he said.

Eschelbeck said he also expects customers to try out the end-point product first, then put their hands on the network products as the pieces come together.
 
“So, they don’t have to get it all at one go,” he said.
 
Keeping it simple
 
While the idea of providing four-dimensional security may sound complicated, Eschelbeck is confident that Sophos would be able to provide these security solutions without compromising on simplicity.
 
“We know that security is complex, but we need to make security simpler. Our philosophy is to offer comprehensive and effective security as a complete system,” he said.
 
He said that it is vital that Sophos be able to offer these security solutions in a simple, easy to manage manner, as its target market – mainly small and medium enterprises (SMEs) – may not have the “human resource luxury” of large enterprises.
 
“A large enterprise will have security specialists, but SMEs usually only have their multitasking IT staff to handle security.
 
“They may not have the expertise and it is crucial that we develop our security solutions so that they are easily managed,” he said.
 
Related Stories:
 
Security chiefs call for investments in ‘transformative’ technologies
 
Security industry needs to abandon fear and trepidation: RSA chief
 
Smarter, shadier and stealthier cyber-crime forces dramatic change
 
Sophos aims for 25% revenue growth in Malaysia this year
 
 
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.