In an exclusive interview with Lana at GITEX Global Dubai 2025, Harish Chib, Vice President of Sophos, discussed the measures organisations need to implement to become more resilient against cyber threats rather than simply reacting to alerts and incidents.
During the conversation, he addressed the readiness gap that organisations face when responding to security incidents, noting that security risk posture assessment and continuous threat hunting are essential to identifying vulnerabilities and achieving recovery capability.
He also highlighted the shift in attack patterns, with threat actors increasingly using valid credentials to access systems, and the challenge of cybersecurity professional burnout revealed in Sophos’s latest report.
Chib stressed that multi-factor authentication and identity security are cornerstones of protection decisions. “I would talk to the board about understanding what they are doing in terms of security posture risk assessment, which is really necessary for us to understand what is the readiness of the organisation in case of any incident happens,” Chib said.
He recommended continuous threat hunting. “What are they doing to invest to make sure that their particular network is always being monitored?” he said. “We’ll ask them to invest into any kind of managed detection and response services.”
On credential-based attacks, he said: “I would suggest to adopt multiple factor authentication. And second, I would suggest is to go ahead with active directory hygiene, which is very much necessary, and invest into identity security tools. Like we have, Sophos has ITDR capabilities now.”
Chib discussed Sophos’s regional expansion. “We have announced our local data centre in-country, in the region itself, to make sure that businesses, when they’re moving into cloud setup, we have our own cloud which will make sure that these data sovereignty laws are available in the country,” he said.
On cybersecurity burnout, Chib identified four factors: threat escalation, unrealistic board expectations, voluminous daily alerts, and limited budgets. “The primary reason is there has been a case threat escalation. So volumes of escalations in terms of volumes of threats have escalated,” he said. “Companies are limited in terms of budgets and resources.”
On post-quantum cryptography threats, Chib explained: “Quantum computing is definitely going to be reality, maybe within 10 years down the line.
The data which is encrypted today, with quantum computers you’ll be able to decrypt it.” He recommended organisations first inventorise long-lived data, then “invest and identify those particular data points which needs to be re-encrypted with quantum-resistant algorithms.”
He also explored how organisations are taking a proactive approach to security posture assessment, identity protection, and quantum-resistant encryption are positioned to navigate evolving cyber threats through continuous monitoring and strategic investment.
