Sophos’ Aaron Bugal on Evolving Ransomware Tactics and Endpoint Vulnerabilities
Ransomware demands in the Asia-Pacific and Japan region fell by 50% in 2025, according to Sophos’ latest State of Ransomware report. Aaron Bugal, field CISO at Sophos, said this change reflects both law enforcement pressure on criminal groups and the lure of monetizing stolen information.
See Also: What Manufacturing Leaders Are Learning About Cloud Security – from Google’s Frontline
With hybrid work blurring network boundaries, unsecured home endpoints are increasingly being targeted by attackers. Bugal said that some attackers are bypassing traditional perimeter defenses by exploiting edge devices and even non-IT hardware. The goal is often to gain a foothold through less secure home networks, where personal devices used for work lack corporate-grade protections.
“Ransomware is such a tried and true tactic from the cybercriminals that some of them are not turning to initially use ransomware when they gain unauthorized access to an environment,” Bugal said. “A lot of their focus is on stealing information, or at least … invalidating the integrity of the information that we all hold as an organization.”
In this video interview with Information Security Media Group, Bugal also discussed:
- How robust backup systems can reduce ransom payment pressures;
- The role of managed detection and response in strengthening cyber resilience;
- Recommendations for CISOs and security practitioners to balance people, processes and technology.
Bugal joined Sophos in 2006 as a senior sales engineer and has been with the company for nearly 20 years. In his current role, he helps customers across the APJ region deploy and use Sophos’ next-generation cybersecurity solutions and adopt cybersecurity as a service. His expertise enables him to articulate threats in today’s cybersecurity landscape and outline the best strategies to defend against them.
