• Sophos Workspace Protection expands Sophos’ portfolio with an accessible and affordable alternative to heavyweight and cost-intensive SASE solutions for securing hybrid and remote work
• Built around the Sophos Protected Browser, powered by Island, Sophos Workspace Protection protects applications, data, users, and guests wherever work takes place
• Managed through the Sophos Central platform, it provides organization-wide visibility into and control of Shadow IT and Shadow AI usage to help organizations assess risk and govern the safe adoption of emerging technologies, including generative AI

Sophos, a global leader of innovative security solutions for defeating cyberattacks, has launched Sophos Workspace Protection, expanding its portfolio to help organizations secure hybrid work and govern the use of emerging technologies, including AI.

Built around the Sophos Protected Browser, powered by Island, the solution enables organizations to protect applications, data, users, and guests wherever work takes place, while providing a unified approach to securing the modern workspace.

Rethinking Security for Hybrid Work

Traditional approaches to securing hybrid work, including deploying multiple cloud-delivered SASE and SSE solutions, often require significant infrastructure, specialized expertise, and ongoing operational overhead to deploy and manage.

These models can increase cost and complexity while still leaving gaps in visibility and control where modern work now happens.

Sophos Workspace Protection takes a different approach by securing the workspace directly, eliminating the need to backhaul traffic through centralized infrastructure.

This reduces the operational burden and cost while enabling protections that follow users, applications, their internet usage, and their data wherever they work, providing organizations at all stages of security maturity with a simpler way to secure hybrid work without added complexity.

At the core of Sophos Workspace Protection is the Sophos Protected Browser, powered by Island and purpose-built to seamlessly integrate with the Sophos Central platform.

With 85% of the modern workday now taking place in a web browser, the Sophos Protected Browser was developed to address security needs where modern work happens.

It provides organizations with visibility and control at the workspace level, helping them protect sensitive data, manage application access, and enforce policy directly within the browser.

By embedding security controls into a familiar user experience, Sophos Workspace Protection enables organizations to secure work across corporate and remote environments without disrupting productivity.

“Security teams are increasingly impacted by complexity, especially as hybrid work, SaaS adoption, and AI tools continue to expand the workspace,” said Mike Jude, research director at IDC. “Sophos Workspace Protection reflects a pragmatic shift in the market, delivering core SASE and SSE outcomes through an integrated, endpoint‑ and browser‑centric approach that simplifies deployment, reduces operational overhead, and helps organizations govern application and AI use without adding another layer of infrastructure.”

Governing Shadow IT and Shadow AI

As emerging technologies, including generative AI, become part of everyday workflows, organizations are increasingly challenged to understand how these tools are being used and what data is being shared through them.

Recent research shows that more than half of employees worldwide now use AI tools at work, often before formal policies or controls are established, increasing risks associated with Shadow IT and Shadow AI.

By providing visibility and control at the workspace level, Sophos Workspace Protection helps organizations assess risk, enforce policy, and govern the safe use of emerging technologies across the hybrid workforce.

 What’s Included in Sophos Workspace Protection

Sophos Workspace Protection is delivered as a flexible set of integrated components that organizations can deploy together or individually based on their security and operational requirements.

The following components make up the Workspace Protection suite:

• Sophos Protected Browser: a Chromium-based secure enterprise browser, powered by Island, that provides controls over application usage, local data handling, and web filtering. It also integrates Sophos ZTNA for access to private web applications and supports SSH and RDP access for remote administration.
• Sophos ZTNA: a Zero Trust Network Access (ZTNA) component that provides secure, posture-based access to private applications by allowing only authorized users and compliant devices to connect while keeping applications hidden from the internet.
• Sophos DNS Protection: a cloud-delivered DNS security service that organizations can deploy to individual Windows endpoints as part of Workspace Protection. It provides an additional layer of web and phishing protection by blocking malicious or unwanted domains.
• Email Monitoring System: an email security add-on deployed alongside Google or Microsoft email services that monitors email traffic and provides additional detection of unwanted or malicious messages, including phishing.

Together, these components enable several key benefits and use cases for organizations securing modern, hybrid work environments.

 “Sophos has long protected remote and hybrid workers with industry-leading endpoint and network security, but today’s work environments demand stronger governance of apps and data,” said Joe Levy, CEO of Sophos. “Many SASE and SSE solutions add complexity and operational overhead while still leaving gaps in visibility and control. By combining Island’s enterprise browser technology with Sophos’ security capabilities and the Sophos Central platform, we are helping organizations govern AI use, protect critical data, and secure hybrid workforces with a solution that is easier to deploy and manage.”

“Hybrid work shouldn’t mean tradeoffs between security and productivity,” said Mike Fey, co-founder and CEO of Island. “Island protects data, secures application access, and helps organizations safely embrace AI, all through the browser people already use. Integrating with the Sophos Central platform lets customers do that with less complexity and more confidence.”    

Key Benefits for Organizations

Sophos Workspace Protection helps organizations secure distributed and hybrid workers, govern the use of emerging tools and services, including AI, and support fast, flexible access for contractors and partners.

The solution also strengthens defenses against phishing, browser-based threats, and other attacks that target users in the modern workspace.

Sophos customers and partners will gain access to Sophos Workspace Protection starting in February 2026.

Levy has been acting CEO since Feb. 15. To drive a critical role in the execution of his strategy to shape the future of Sophos, Levy has named Jim Dildine Sophos’ new chief financial officer (CFO) and a member of his senior management team.

Levy is a nearly 30-year veteran of innovating and leading cybersecurity product development, services and companies.

During his nine-year tenure at Sophos, Levy drove the transformation of Sophos from a product-only vendor into the global cybersecurity giant it is today, including an incident response team and managed detection and response (MDR) service that defends more than 21,000 organizations worldwide.

Levy also created SophosAI and Sophos X-Ops, an operational threat intelligence unit that joins together more than 500 cross-departmental cybersecurity operators and threat intelligence experts.

Sophos X-Ops shares real-time and historical attack data with all of Sophos’ solutions, making them smarter and faster at defending customers from persistent cyberattacks.

Levy has in-depth experience working with the channel, including managed security providers (MSPs), throughout his career, which he started in the mid-1990s as a cybersecurity practitioner and product and service innovator at a value-added reseller.

As CEO, Levy plans to expand Sophos’ already strong customer base in the midmarket, which includes nearly 600,000 customers worldwide and generates more than $1.2 billion in annual revenue.

As a leading provider of cybersecurity solutions for the midmarket, Sophos has a unique ability to further scale its business and the business of its partners by helping organizations in dire need of basic and expanded defenses against opportunistic and targeted cyberattacks.

These organizations include the critical substrate, small- to mid-sized organizations that comprise the machines of the world’s economy and are just as susceptible to cyberattacks as major corporations.

In fact, the critical substrate, including smaller organizations within the classic 16 critical infrastructure verticals, are prime attacker targets, as evidenced by Sophos’ Active Adversary report and 2024 Threat Report. Both intelligence reports reveal how attackers are repeatedly abusing exposed Remote Desktop Protocol (RDP) access at midmarket organizations, as well as going after them for data theft, spying, ransomware payoffs, or supply chain attacks to gain entry to bigger prey.

“When midmarket organizations – the global critical substrate – are paralyzed due to ransomware or other cyberattacks, business activities linked in our supply chains also stagnate, slowing our economy down. Operations of all sizes and shapes suffer collateral damage when dependencies in their supply chains are attacked. This can be devastating in often unpredictable ways because of the increasing complexity of how the modern industrialized global economy works,” said Levy. “Our goal is to help more organizations in the midmarket – the estimated 99% of organizations that are below the cybersecurity poverty line – be better at detecting and disrupting inevitable cyberattacks. Our envisioned approach to achieving this is to work with MSPs and channel partners that can scale alongside us with our innovative critical cross domain technologies – endpoint, network, email, and cloud security – and managed services that they can resell and co-deliver. Cyberattacks against the midmarket could severely impact the world’s ability to function; they are relatively under-protected compared to the 1%, and Sophos is on a mission to change that.”

Levy’s leadership strategy includes adding Dildine as CFO to help Sophos reach its business goals and propel the company on its future growth trajectory. He brings exceptional operational expertise to Sophos, as well as a strong background in channel partner-based cybersecurity business.

Dildine joins Sophos most recently from cybersecurity software and services company, Imperva, where he was CFO for more than four years.

Before Imperva, Dildine was CFO for Symantec’s $2.5 billion enterprise security business unit for three years.

Dildine also previously held key financial leadership roles for nearly nine years at Blue Coat Systems, where Levy also served as chief technology officer.

While at Blue Coat Systems, he oversaw a dramatic growth in market value while guiding the company to a go-private transaction by Thoma Bravo, sale from Thoma Bravo to Bain Capital, and subsequent sale to Symantec for $4.6 billion in 2016.

Dildine also spearheaded the acquisition and seamless integration of six security-focused companies, which were valued at more than $750 million during his tenure.

“Having worked in technology and finance for more than 30 years, it is exciting to join Sophos at this juncture, when the company is well on its way to breaking through to the next level. Everything the company has accomplished thus far is impressive, including how dedicated Sophos is to constantly be innovating its cybersecurity technology and managed security services for customers in the midmarket. Sophos is also equally committed to supporting its channel partners, MSPs, and staff around the world,” said Dildine. “I am looking forward to helping Joe accelerate growth and further position Sophos as a leader in the industry.”

“Thoma Bravo has worked with Joe through successful investments in SonicWall and Blue Coat Systems, and our relationship and experience together, coupled with his authentic style of leadership and impeccable reputation across the cybersecurity industry, make him the ideal CEO to lead this next chapter at Sophos,” said Chip Virnig, a partner at Thoma Bravo and a Sophos board member. “We’re also excited that Jim is joining Sophos as CFO and is a member of Joe’s senior management team. We’ve worked with Joe and Jim at various companies for well over a decade, and we’re confident their combined expertise will reap big rewards for the future of Sophos.”