Sophos-Secureworks Merger Aims To Bring ‘Superior’ XDR To SMBs: CEO Joe Levy

The $859 million deal seeks to enable MSPs to deliver improved detection and response to smaller customers, which are relentlessly targeted by cyberattacks, according to Levy and Secureworks CEO Wendy Thomas.

The planned acquisition by Sophos of extended detection and response specialist Secureworks will accelerate the cybersecurity giant’s effort to bring improved XDR capabilities to bear for protecting often-targeted SMBs, according to Sophos CEO Joe Levy.

Even with the addition of capabilities from enterprise-oriented Secureworks, “we're going to maintain our focus on the SMB and the midmarket, because we think that they're the ones who most need superior kinds of offerings,” Levy said in an interview.

[Related: Sophos-Secureworks Merger: 5 Big Partner Takeaways]

Levy and Secureworks CEO Wendy Thomas spoke with CRN last week following the announcement of the $859 million deal between Sophos, which is owned by private equity firm Thoma Bravo, and Secureworks, whose majority owner is Dell Technologies.

The proposed acquisition would undoubtedly be one of the larger investments into SMB security in recent years, and crucially would also mean massive new opportunities for partners including MSPs, according to Levy.

The focus on meeting the needs of partners is “going to be fundamental to the way that we bring these companies together,” said Levy, a Sophos veteran who was named acting CEO of the company in February and permanent CEO in May.

Thomas said the aim is for the merger to create a combined company that can be an even more formidable player in the battle against cybercriminals who target SMBs and midmarket organizations.

“I think when you bring two significant players together with both technology and the best of managed detection and response services together, you're able to bring enterprise-grade security outcomes that become accessible to the market at an affordability — and an ease of implementation — that changes the industry,” she said.

The executives said that while there is no doubt that Secureworks XDR capabilities will be leveraged to enhance the Sophos security platform, the determinations are still being made about the integration and whether Secureworks will continue to be offered as a standalone platform as well.

A fast-growing category in cybersecurity, XDR aims to provide enhanced security covering more than just endpoints, through correlating data from across an organization’s environments and devices and then prioritizing the most serious threats for a response.

‘More Complete Offering’

Executives at solution provider partners of Sophos told CRN they’re optimistic about the potential for the deal, saying it should make Sophos more competitive in the XDR and MDR markets while making advanced security more accessible to smaller customers.

To date, while Sophos has had a broad portfolio of security offerings, the company has not had a full set of detection and response capabilities beyond the endpoint, partners said.

However, assuming the Secureworks deal closes, “now Sophos has a more complete offering,” said Jason Norred, CISO at Solutions II, a Sophos partner based in Littleton, Colo.

“Sophos combined with Secureworks allows them to do full-stack endpoint and MDR, and capture the rest of an organization's security logs and do that full XDR response capabilities,” Norred said. “I think it'll be a compelling offering.”

The acquisition “definitely makes [Sophos] more competitive,” he said. “It gets them a seat at the table.”

And given the massive threat against SMBs, the investment into bringing greater XDR capabilities to smaller businesses is hugely welcome, according to Norred. “SMB organizations are just in dire need of help,” he said.

Ultimately, “I think Sophos-Secureworks is positioned well to have a go-to-market offering that's kind of an all-in-one solution that really allows SMBs to level up their security program at, hopefully, an affordable entry point,” Norred said.

Competing ‘Head On’

Other Sophos partners who spoke with CRN agreed, including Michelle Drolet, founder and CEO of Towerwall, a provider of solutions and professional services for security based in Framingham, Mass. Drolet said there’s no question that the acquisition positions Sophos to compete “head on” with more players in the MDR market, though much depends on the integration and pricing models.

Still, many existing MDR providers are “a little expensive for the SMB play,” which could give Sophos a huge advantage if it can keep its expanded MDR offering affordable for smaller customers, she said.

Tyler Rasmussen, vice president of cybersecurity at Executech, an MSP partner of Sophos based in Salt Lake City, also applauded the planned acquisition of Secureworks by Sophos, calling it a “very positive and encouraging sign.”

The deal “confirms their commitment to invest and continue to improve their XDR and MDR services — which are now absolute requirements for SMBs,” Rasmussen said.

Speaking with CRN, Levy said a key aspect of the opportunity ahead is for the combined company to bring a “superior” model when it comes to security operations — which in fact will “accelerate the convergence” of XDR and SIEM (security information and event management).

“Certainly, there's tremendous value in the technology that Secureworks has built in their Taegis platform,” he said. “I am very excited about the enhancements to the value that we're going to be able to be able to provide to our customers with this.”

Vulnerability, Identity Threat Detection

A few specific areas cited by Levy included Secureworks’ vulnerability detection and response capabilities — which “we know is going to be very valuable to our customers,” he said.

Levy also pointed to the identity threat detection and response (ITDR) offering from Secureworks, which will augment Sophos’ existing ITDR capabilities in the Microsoft ecosystem.

“The ITDR capabilities that Secureworks has built are ahead of most of the other security offerings that we've seen in the space. So there’s incredible value there,” he said.

Both CEOs emphasized the partner-first mentalities of each of their companies, suggesting that bodes well for the integration of the channel programs once the deal closes.

‘Turning The Tide’ Against Hackers

Thomas, who helped to oversee the transition of Secureworks from an MSSP to a security vendor focused on XDR, said that the company in fact was even inspired by Sophos’ commitment to partners.

“Sophos has a pretty brilliant reputation in the partner ecosystem,” she said, saying that the company learned early on that the “example we should emulate is the Sophos partner approach.”

Levy said he is convinced that the combined company’s relationships with MSPs will be “crucial to our actually turning the tide” in the SMB fight against threat actors.

All in all, “I think that there is a really powerful opportunity that we have in how we're going to bring these two units together,” Levy said.