Barracuda

Barracuda: A Visionary in the 2018 Gartner Magic Quadrant for Security Awareness and Computer Based Training

December 10, 2018 by Anthony Kros

Let me say something totally surprising: Email security is top of mind for everyone these days.

Shocking, I know.

Email is still the #1 attack vector. How do you ensure that your employees can distinguish a malicious email from a good one? Click To Tweet

Organizations want to ensure that malicious emails don’t make it inside the organization. Attackers want to do everything from installing bad software to taking over a user’s account, which makes sense considering that email still reigns as the number one attack vector. Many of you already rely on Barracuda to protect your end users from attacks. But are you thinking about protecting your organization from the people who are opening and reading those emails if malicious messages do happen to make it past your defenses? How do you ensure that they can identify a bad email from a seemingly good one?

Anthony Kros

Anthony (Tony) Kros is the Analyst Relations Manager for Barracuda. Connect with him on LinkedIn here.

https://www.barracuda.com

Gartner report sees greater reliance on Privileged Access Management tools

December 7, 2018 by Mike Vizard

We have met the enemy and it’s us. That’s a feeling many cybersecurity professionals well know. Most security breaches today have a lot more to do with misappropriated credentials than they do with hackers that have found a way around an organization’s defenses. It’s not that hackers don’t have the skills to accomplish that. It’s just a lot easier to accomplish the same goal by stealing credentials using, for example, a phishing attack that tricks unsuspecting users into giving up passwords.

That issue is front and center this week following the publishing of the first ever magic quadrant report specifically address privileged access management (PAM) software. The report forecasts that by 2021 a total of 40 percent of organizations that use formal change management practices will have embedded and integrated PAM tools within them to reduce the overall risk surface. That’s up from less than 10 percent in 2018. The report also notes that by 2021 over 50 percent of organizations that have adopted DevOps will be employing PAM-based secrets management technologies to better protect applications and the infrastructure they run on.

'It's a lot easier for cybercriminals to steal credentials than it is for them to find a way around a company's defenses.' ~@MVizardClick To Tweet

Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Email, supply chain and data breach risk dominates 2018 as a new regulatory era begins

December 5, 2018 by Phil Muncaster

As information security professionals approach the finish line of another year, it’s fair to say the past 12 months have once again been packed with incident. Just as cybercrime is no respecter of international borders, so it doesn’t usually conform to neat 12-month cycles. However, taking stock of the biggest trends and stories over the year can be a useful discipline in helping to drive a more strategic way of thinking going forward.

So what have we learned from 2018?

What have we learned from 2018? Email is still the #1 threat vector, delivering attacks phishing, BEC, crypto-mining, ransomware, and other attacks in ~ 1 of every 10 messages. via @PhilMuncaster Click To Tweet

Email still the number one vector

First, the stuff you already know. Email continued to be the number one threat vector this year, accounting for over 80% of threats spotted in the wild, according to most estimates. One firm claimed that as many as one in 10 emails are malicious. They deliver phishing attempts, BEC scams, crypto-mining malware, ransomware and much more. Over a third of global organisations Barracuda Networks interviewed for its Email Security Trends 2018 report said they’d experienced a phishing attack. That’s bad news when you consider that 93% of all breaches analysed by Verizon featured a phishing element.

Phil Muncaster

Phil Muncaster is a technology writer and editor with over 12 years’ experience working on some of the biggest technology titles around, including Computing, The Register, V3 and MIT Technology Review. He spent over two years in Hong Kong immersed in the Asian tech scene and is now back in London where information security has become a major focus for his work.

Follow Phil on Twitter and connect with him on LinkedIn.

http://www.barracuda.com

Implementing shared security models in the cloud gets simpler

November 30, 2018 by Mike Vizard

When it comes to cloud security the real issue is not the platforms, but rather a lack of processes for implementing and maintained best cloud security processes. Whenever there is a breach involving a public cloud the issue almost invariably winds up being caused by a developer that forgot to implement one control or another.

This Barracuda blog post by @MVizard explores the new @AWS Security Hub and its role in the shared responsibility model in cloud security. Click To Tweet

Developers are, of course, understandably excited about public clouds because they allow them to build and deploy applications without having to wait for internal IT organizations to provision IT infrastructure. The trouble is that developers are not usually aware of every control that should be implemented to ensure security. Before anyone realizes that, cybercriminals are exfiltrating massive amounts of data regardless because the developer didn’t fully appreciate the inherent shared responsibility model for security when employing public clouds. Cloud service providers can secure the underlying infrastructure, but it’s up to developers and internal IT organizations to make sure the applications deployed on that cloud are secure.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

E-Rate funding: Is your school missing out?

November 30, 2018 by Jennifer Braun

The E-Rate season is in full swing! Now is the time to learn more about E-Rate so that you can fully leverage the available funds. Whether you are looking to purchase or upgrade firewalls or any other solutions, you should stop and see if you can utilize E-Rate funding to help save your school budget dollars.

The E-Rate program can help schools meet the requirements to provide a safe computing environment for students. Learn more in this blog. Click To Tweet

To help you navigate the world at E-Rate, here are a few key things you’ll want to consider.

Jennifer Braun

http://www.barracuda.com

Opportunity knocks for the channel with SD-WAN technology

November 29, 2018 by Chris Ross

A few weeks ago, we released some research around the topic of networking technologies that help users access the cloud securely and quickly – specifically software defined wide area networking (SD-WAN). We spoke to 410 IT and networking professionals working in EMEA to find out more about the barriers and drivers that are shaping their attitudes towards SD-WAN.

While we spoke to end-users for this research, it revealed some interesting insights for the EMEA channel community. There seems to be an increasing opportunity, as businesses in EMEA overwhelmingly turn to SD-WAN, despite a lack of education and skill.

Only 7% of organizations in EMEA have no plans to adopt SD-WAN, but the region still trails adoption levels in the US and APAC regions. Click To Tweet

Chris Ross

Chris Ross is senior vice president of international sales at Barracuda, with strategic & operational responsibility for world-wide markets. Connect with him on LinkedIn.

http://www.barracuda.com

Threat Spotlight: New spear phishing attack gift card scam

November 29, 2018 by Asaf Cidon

When sending social engineering-based attacks, attackers have always used context and timing to their advantage. Combined with the psychological advantage of impersonating someone in a position of authority, the attackers can lure the target, often a low or mid-level employee, to take an action desired by the attacker by simply sending a well-timed email that has highly relevant contextual information —without requiring any type of malicious payload.

A great example of this approach is a recent large-scale impersonation campaign involving gift cards, which is the subject of this month’s Threat Spotlight. [Read more…] about Threat Spotlight: New spear phishing attack gift card scam

Asaf Cidon

Asaf Cidon is vice president of content security services at Barracuda Networks. In this role, he is one of the leaders for Barracuda Sentinel, the company's AI solution for real-time spear phishing and cyber fraud defense. Barracuda Sentinel utilizes artificial intelligence to learn the unique communications patterns inside customer organizations to identify anomalies and guard against these personalized attacks. Asaf was previously CEO and co-founder of Sookasa, a cloud storage security startup that was acquired by Barracuda. Prior to that, he completed his PhD at Stanford, where his research focused on cloud storage reliability and performance. He also worked at Google’s web search engineering team. Asaf holds a PhD and MS in Electrical Engineering from Stanford, and BSc in Computer Engineering from the Technion.

Connect with Asaf on LinkedIn.

http://www.barracuda.com

Protection at the data plane

November 27, 2018 by Rich Turner

“The number of records breached due to misconfigured cloud servers, in particular, shot up by 424 percent compared to the previous year,” IBM concluded in its X-Force Threat Intelligence Index 2018. It’s a sobering statistic – but not one which surprises us.

As one of Microsoft’s top security providers, we’ve protected a lot of Azure workloads. As an AWS supplier with two security competencies, we’ve protected a lot of AWS workloads. So as they say in those catchy insurance commercials, we know a thing or two because we’ve seen a thing or two.

Rich Turner

Rich is the Product Marketing Manager, Information Management. He's been with Barracuda since the acquisition of C2C Systems in 2014. Rich specializes in cloud-deployed solutions, information management, and archiving systems. His experience includes extensive work on OEM opportunities and the legal community.

If you'd like to get in touch with Rich, you can connect with him on LinkedIn and follow him on Twitter.

You can email Rich at rturner@barracuda.com.

Create a winning marketing plan for 2019

November 26, 2018 by Lindsay Faria

Even if you’ve developed an innovative suite of IT products and services, there’s no guarantee you’ll capture a single customer without a good marketing plan. The right marketing plan will help you identify likely customers, outline the right way to reach them, and ensure that they will continue to purchase services from you over time.

'To create a winning business roadmap, you must first decide what your goals are for the coming year. You will also have to create an honest evaluation of current and past marketing efforts -- what worked, and what didn't?' ~Lindsay Faria, @BarracudaMSPClick To Tweet

To create this type of winning business roadmap, you must first decide what your goals are for the coming year. If you don’t know what success looks like for your business, it will be hard to move towards it in an organized way. This will also require an honest examination of current and past marketing efforts — what worked, and what didn’t?

From there, you can develop your plan by asking the right questions:

Lindsay Faria

Lindsay Faria is a seasoned marketing professional with more than 14 years of experience managing marketing programs for growing, cutting-edge technology companies. She currently leads the Partner and Content Marketing efforts at Barracuda MSP, where her team dedicates itself to providing tools, resources, and content that enables Barracuda MSP customers to be more successful, and ultimately grow their businesses. Additionally, she is responsible for promoting adoption of the company’s growing solution portfolio among Partners, empowering them to streamline their operations and provide more comprehensive security and data protection to their customers.

You can follow Lindsay's Barracuda MSP blog here and connect with her on LinkedIn here.

https://www.barracudamsp.com

Time to remember to be thankful for cybersecurity professionals

November 21, 2018 by Mike Vizard

There’s usually a lot to be grateful for every Thanksgiving in the U.S. but one area that tends to be underappreciated all year long is cybersecurity. Most cybersecurity professionals labor away all year with little to no recognition for their efforts. The truth is it’s only when something goes horribly wrong that anyone in senior management wants to know who is responsible for cybersecurity. A team of cybersecurity professionals may have thwarted billions of attacks in a year. But it can feel like it was all for naught in one bad horrible day.

'A team of cybersecurity professionals may have thwarted billions of attacks in a year. But it can feel like it was all for naught in one bad horrible day.' ~@MVizard Click To Tweet

Of course, most breaches are not even the fault of the cybersecurity team. There’s not much that can be done when an end user opens an attachment or clicks on a link that results in malware being directly loaded on to their machine. A cybersecurity research report from Verizon notes that 97 percent of all malware arrives in one way or another via email.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Main navigation

Barracuda