Carmel-based Rook Security acquired by English firm

An English company has acquired Carmel-based cyber-threat firm Rook Security LLC and plans to take on Rook's local office, its 19 employees and its founder, the companies announced Monday.

Sophos Group, a publicly traded company based in Oxford, acquired Rook for an undisclosed price as part of its effort to become a reseller of managed detection and response services. 

Eleven-year-old Rook had been on a torrid growth pace for most of this decade but has downsized its workforce more than 60 percent over the past three years.

thompson-jj-mug-lg.jpg Thompson

Sophos said it plans to combine Rook’s capabilities with a technology platform called DarkBytes that it also recently acquired. Sophos plans to resell the combined service through its 47,000 partners worldwide.

Rook CEO J.J. Thompson said in an email on Monday that the Rook office in Carmel "will stay the same, and we have near-term plans for expansion."

"All of Rook Security's 19 employees will join the Sophos team," said Thompson, whose new title at Sophos is senior director of managed threat response.

Managed detection and response, or MDR, services are designed to detect and respond to cyber intrusions, malware and malicious activity with the goal of providing a faster response to threats. Sophos says its MDR service will provide continuous monitoring using the combined intelligence of automated response and human expertise.

Rook was founded in 2008 in San Jose, California, by Thompson, who moved the company to Indianapolis, his hometown, the following year. It made IBJ's Fast 25 list in 2016 and Thompson became an IBJ Forty Under 40 honoree that same year. In mid-2016, the company reported it had 54 employees, and its revenue for that year was $8.8 million.

In 2017, the company left its downtown Indianapolis offices in the 14-story Burton Building at 120 E. Market St. and moved into about 10,000 square feet in an office building at 11350 N. Meridian St. in Carmel. 

“We are excited to bring our experts and service delivery innovation to Sophos, a global leader in next-generation cybersecurity,"  Thompson said in a statement. "Together, we can implement faster, more effective threat detection and response capabilities to better protect businesses.”

Joe Levy, chief technology officer at Sophos, said the company’s goal is to help firms that don’t have the resources for in-house security teams to be on guard around the clock.

 “Cybercriminals are relentlessly trying to exploit organizations with techniques ranging from tried-and-true phishing emails to the more recent trend of ‘hacker pen-testing’ to find weaknesses in their surface area. As a result, businesses need 24/7 monitoring and management of what is happening on their network,” Levy said in a statement.

“With MDR, Sophos’ channel partners will be able to provide businesses of all sizes with expert services that continuously detect, hunt for and respond to security incidents,” he said.

Sophos also said it plans to synchronize its security technology and products with Rook Security’s 24/7 services for MDR customers.

Sophos boasts 100 million users in 150 countries who use the company’s security services related to encryption, web, email, mobile and network security.

Please enable JavaScript to view this content.

Story Continues Below

Editor's note: IBJ is now using a new comment system. Your Disqus account will no longer work on the IBJ site. Instead, you can leave a comment on stories by signing in to your IBJ account. If you have not registered, please sign up for a free account now. Past comments are not currently showing up on stories, but they will be added in the coming weeks. Please note our updated comment policy that will govern how comments are moderated.