Sophos’ new CEO focuses on supporting mid-market and small businesses

New Sophos CEO Joe Levy has highlighted the crucial role of partners in the Oxfordshire company’s efforts to support mid-market and smaller organisations, as well as in the hybridisation of products and services.

Levy, who had been serving as president and acting CEO since February following Kris Hagerman’s departure, was officially appointed CEO in May. Having been with Sophos since 2015, Joe Levy originally joined as Chief Technology Officer. His experience with a Utah-based VAR in the 1990s sparked his strong interest in mid-market and smaller businesses.

Levy, who will be a keynote speaker at next month’s MSP Summit in Atlanta, emphasised that vendors should offer a combination of products and services to not only deploy technology effectively but also ensure its successful operation.

He said: “I have fundamentally believed for the 30-plus years that I’ve been doing cybersecurity that there is just an overinvestment of dollars and attention in the enterprise segment of the market. Most cybersecurity start ups build products for enterprise buyers, and most of the mature businesses that exist in the product space or in the services space tend to be optimized for serving the larger customers. And very, very few organisations, either on the product or the service side, are designed uniquely to serve that underserved segment of the market, the midmarket and SMB in particular.

“The other lesson that I learned while I was doing this is that there needs to be a hybridization of products and services. You can’t just design a set of technologies, throw them over a fence and hope for good outcomes based on that. The past decade in particular has taught us rather acutely that cybersecurity is an interactive sport and that we have to have continuous engagement with the technologies to ensure that they’re doing for us what we expect them to do. Large enterprises are generally better equipped to be able to do that, meaning that they have the staffing, the talent and the budgets to be able to provide 24/7 security operations centres. The vast majority of SMBs, even into the midmarket, generally lack that kind of resourcing, and this just aligns with the well-understood concept of a cybersecurity skills shortage that exists globally today, but it’s most acutely felt by that segment of the market.”