5 Things To Know About The Sophos CEO Transition

Here’s what we know so far on the appointment of Joe Levy as acting CEO of Sophos.

Cybersecurity giant Sophos is changing CEOs for the first time in more than a decade, with President Joe Levy named acting CEO and expected to lead the company through at least 2024.

The announcement Thursday that Levy is taking over for longtime Sophos CEO Kris Hagerman signals another major transition in the history of Sophos — a company that was founded nearly four decades ago, placing it among the longest-running cybersecurity vendors.

Here’s what we know so far.

Hagerman’s Departure

Sophos didn’t disclose a reason for Hagerman’s departure, which is “effective immediately.” He will remain as an advisor to Sophos through April 1, the company said.

In an email response Thursday, Sophos did not specifically address CRN's questions about why Hagerman is stepping down and whether the transition had been pre-planned.

“I am proud of our team’s accomplishments over the last 12 years as we have transformed Sophos into a true next-generation cybersecurity leader and an industry innovator in delivering cybersecurity as a service,” Hagerman said in a press release announcing his departure.

A former Symantec executive, Hagerman became CEO of Sophos in late 2012. He went on to lead the company through its 2015 initial public offering and, subsequently, the take-private sale of the company to Thoma Bravo in 2020.

Acting CEO Named

A nine-year veteran of Sophos, Levy (pictured) was named president and acting CEO of the company, effective Thursday. Sophos did not give a target date for having a permanent CEO in place.

In response to questions from CRN, Sophos indicated in a statement that Levy will likely be leading the company at least through the end of the year – and is in the running to become permanent CEO.

“Joe Levy’s vision is to lead Sophos through 2024, and he is a candidate and participant in the board’s review,” Sophos said in the statement to CRN Friday.

The Sophos Technology Group, which had previously been headed by Levy, will now be led by Chief Product Officer Raja Patel and Chief Development Officer John Peterson, the company said.

Levy’s Background

Levy has spent more than two decades in the cybersecurity industry, including previously as CTO at SonicWall and Blue Coat Systems before joining Sophos in 2015.

In April 2023, Levy was promoted to serve as president of the Sophos Technology Group, a title which he has held in addition to being the company’s CTO.

Sophos said in the release that Levy has spearheaded “the transformation of Sophos from a product-only vendor into the global cybersecurity as a service company it is today.”

In a LinkedIn post Thursday, Levy said he is “truly honored and excited to take over as Sophos’ President and acting CEO.”

He thanked Hagerman — “who is passing the baton to me,” Levy said — “for his mentorship and outstanding leadership.” He also thanked channel partners and Thoma Bravo.

Looking ahead, “we have so much more to achieve,” Levy said. “I am thrilled for the opportunity to further grow Sophos as a global cybersecurity leader.”

MDR, Services Focus

The Sophos CEO transition comes as the company has grown its revenue to more than $1 billion, tripling from 2012 when Hagerman joined, Sophos said in the news release Thursday.

Sophos executives including Hagerman and Levy have told CRN previously that the company’s managed detection and response (MDR) service has been responsible for driving much of the company’s recent growth. In December, the company said its customer count has surpassed 19,000, up from 13,000 as of a year earlier.

“I think in many respects, we’re already at the front of that [MDR] wave,” Hagerman said in an interview last year. “We have more MDR customers than any other vendor that we’re aware of.”

MDR, however, is just the start of the vendor’s foray into the as-a-service arena. Sophos is “now moving to the next phase, which is to take what we deliver in MDR and make that available in our products,” Hagerman told CRN. The ultimate goal is to take all of the products in the Sophos portfolio—including in endpoint, network, cloud and email security—and “deliver them as a service—and do it in a way that’s highly flexible for both customers and for our channel partners,” he said.

Channel Commitment

In the announcement of the CEO transition, Sophos said it fully intends to maintain its commitment to working with channel partners.

The “immediate goal,” Levy said in the release, “is to work with our partners to further expand our collective ability to secure organizations that are unprotected or need stronger cyber defenses.”

With midmarket and small businesses increasingly under attack by threat actors, Sophos expects to continue reaching those customers with the help of the channel, he said.

“The best way to reach all these organizations is to arm Managed Security Providers (MSPs) and cyber-focused channel partners worldwide – those capable of operating cost-effectively at massive global scale – with innovative security technologies and services they can resell or co-deliver,” Levy said in the release.