Each year around this time, we take a look back and a look forward. This usually comes in the form of a ‘predictions’ article, written after team leaders from across the company get together to discuss what they expect to see in the next 12 months. As part of this exercise they also evaluate how well they did with the prior year’s predictions.
In this post, our security team leaders discuss the accuracy of last year’s predictions, and how their teams responded to the trends of 2015.
Attack surfaces changed. Infrastructures were in flux all year as companies moved between physical, virtual, public cloud, and SaaS deployments. This meant that organizations were facing new attack surfaces, and had to extend their security posture to cover these new surfaces. Many users were surprised to discover that applications in the cloud were not as secure as the cloud infrastructure. Even very popular applications like Pocket were found to be vulnerable.
Barracuda expanded our public cloud offerings and deployment options for our security and storage products. Our product architectures are designed from the ground up for these environments, which allows our customers to take the same security they deployed on-premises and extend this to the new surfaces. Examples:
- Barracuda Next Gen Firewalls provide connectivity across surfaces, secure all attack surfaces, provide network segmentation in the cloud, and more.
- Barracuda Web Application Firewalls secure apps in private and public clouds, control access to applications on cloud platforms and on-premises, and more.
Attacks related to mobile access and web applications increased. This year we’ve seen several new types of attacks grow in prominence. Mobile device malware is increasing, and SMS text messages have become a popular method for social engineering and phishing attacks. The growth in BYOD and the movement between secure corporate networks and insecure home/public networks have made mobile devices a weak link. It’s no surprise that some analysts expect the global mobile security market to reach $34.8b by 2020.
Mobility is a key component of Barracuda security solutions:
- Barracuda Mobile Device Manager provides security and management for iOS and Android devices
- Barracuda introduced CudaLaunch, a mobile app that provides secure and reliable remote access to an organization’s resources through the Barracuda NG Firewall
- The Barracuda Web Security Agent (WSA) and Barracuda Safe Browser help implement consistent web security policy on remote, off-network devices
- Barracuda Mobile Portal and TINA VPN capability are built into our NextGen Firewalls to securely enable access for remote users
- The Barracuda Web Application Firewall secures the entire attack surface of mobile applications, REST APIs, and AJAX.
For more on how Barracuda enables secure mobility in organizations of all sizes, please visit the Barracuda TechLibrary.
Web application security remains one of the least understood attack surfaces, and it shows. According to the Verizon 2015 Data Breach Investigation Report (Verizon DBIR), the number of web app attacks increased by about 5% over the previous year. Nearly two-thirds of these attacks are part of a Strategic Web Compromise, meaning that the hackers are targeting the web app in order to set up an attack on a different target. Activists and organized crime represent 81% of web app attackers.
We enhanced the Barracuda Web Application Firewall, added On-Premises Central Management, expanded availability to MS Azure App Service, and announced new training to simplify public cloud implementations. We also worked to increase public awareness on web application security, and how to best achieve security through the Barracuda WAF.
There has been a continued rise in DDoS incidents. The number of DDoS attacks hit a record high in 2015. The latest State of the Internet – Security Report states that DDoS attacks grew 7% from Q1 to Q2 2015, and DDoS attacks increased 132% over Q2 2014. Most of these attacks lasted from 1-2 hours, though some lasted much longer.
Barracuda launched new next-generation firewalls, ensuring that all offices can respond quickly to DDoS attacks. These are the industry’s first advanced next-generation firewalls in the sub-$700 price range. Our Email Security solutions also include protection from DDoS attacks, and our Web Application Security solutions provide advanced DDoS and application attack protection.
IT security budgets will be insufficient for “business as usual.” IT spending increased in 2015, but the budgets were more likely to be determined by C-level executives rather than technology managers, and it included spending for departments like HR, Legal, and Sales, meaning that IT spending was happening outside of the IT department. SysAdmins continue to do more with fewer resources. See the Tech Pro Research report for more info.
Barracuda Total Threat Protection integrates best-of-breed security components to provide real-time protection against advanced threats. Each component provides comprehensive protection on its own respective vector—network, user, email, Web application, remote access, and mobile. It also scales with your organization and evolves with a constantly changing threat landscape. Barracuda Total Threat Protection is accessible to budgets of almost any size:
- Simple, all-inclusive pricing, with no per-user or per-feature fees
- A single-source solution with central management and consistent user interfaces keeps deployment & management overhead low
- Award winning support with no phone trees