Barracuda

Barracuda recognized in latest Forrester Wave

July 18, 2018 by Anthony Kros

Every IT vendor has an opinion on IT analyst firms. Some call them charlatans; others call them oracles. Say what you want about IT analyst firms, they are still an important part of the landscape. IT decision makers often look to them for data, advice, and/or validation, as the analyst voice can lend credibility and recognition to a vendor’s solutions and strategies for their given market and broaden that message to a larger audience.

It is for these reasons that Barracuda is proud to be recognized as a Strong Performer in the latest Forrester Web Application Firewall (WAF) Wave, published by Amy DeMartine. You can read the press release here, and download a complimentary copy of the report at https://barracuda.com/WAFWave.

Anthony Kros

Anthony (Tony) Kros is the Analyst Relations Manager for Barracuda. Connect with him on LinkedIn here.

https://www.barracuda.com

Barracuda PAYG Licensing now available in Microsoft Azure Government Marketplace

July 17, 2018 by Rich Turner

Microsoft has just released hourly VM licensing availability (also known as PAYG or pay-as-you-go) licensing for Azure Government Marketplace, which serves users in federal, state, local and tribal U.S. governments.

Microsoft Azure Government offers level 5 DoD approval, hybrid flexibility, and the broadest compliance with the most certifications of any cloud provider. The platform is offered exclusively to governments and is operated by screened US citizens. This limited access platform was made available to government consumers in December of 2014, but Barracuda has been a part of this space since its beta launched in March of that year.

Rich Turner

Rich is the Product Marketing Manager, Information Management. He's been with Barracuda since the acquisition of C2C Systems in 2014. Rich specializes in cloud-deployed solutions, information management, and archiving systems. His experience includes extensive work on OEM opportunities and the legal community.

If you'd like to get in touch with Rich, you can connect with him on LinkedIn and follow him on Twitter.

You can email Rich at rturner@barracuda.com.

ROI for Bounties for Discovery of Application Vulnerabilities Appears Too Compelling to Ignore

July 13, 2018 by Mike Vizard

Now that more organizations than ever are realizing how dependent they are on software there’s a lot more time and effort being put into discovering application vulnerabilities. But a report published this week by HackerOne, an online service for contracting hackers, notes 93 percent of the 2017 Forbes Global 2000 list still do not have a policy in place pertaining to how they receive, respond, and resolve critical bug reports submitted by third parties.

That suggests most of the work being done to discover application vulnerabilities is being done by either the team that developed the application or cybersecurity professionals that typically don’t have much in the way of application development expertise.

Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Lifting the Lid on the Data Breach Epidemic

July 12, 2018 by Phil Muncaster

Data breaches are costing organisations around the world more than ever. The latest annual study from IBM claims an increase of 6% from last year to reach $3.9m per victim enterprise today. In some European countries the figure is even higher. The good news is that there’s plenty of insight in the report that should help CISOs improve their cybersecurity strategies. However, as the latest breach revelations have shown, it’s not just your organisation you need to worry about but also your suppliers.

On the rise

Costs associated with breaches can range from the direct (remediation and clean-up, legal bills and ID protection services for victims) to the indirect (lost customers, damaged reputation and employee productivity losses). Although the US topped the country list in terms of average breach cost per organisation ($7.9m), Germany ($4.7m), France ($4.3m), the UK ($3.7m) and Italy ($3.4m) all came in the top half of the global table.

Mega breaches of one million records can cost an estimated $39m, while the total cost of 50m compromised records can be as high as $350m. Unfortunately, these major incidents are no longer so few and far between.

Phil Muncaster

Phil Muncaster is a technology writer and editor with over 12 years’ experience working on some of the biggest technology titles around, including Computing, The Register, V3 and MIT Technology Review. He spent over two years in Hong Kong immersed in the Asian tech scene and is now back in London where information security has become a major focus for his work.

Follow Phil on Twitter and connect with him on LinkedIn.

http://www.barracuda.com

WPA3 Wireless Security Specification Advances

July 6, 2018 by Mike Vizard

Wireless networking security is about to get a whole lot better now that the Wi-Fi Alliance has formally rolled out Wi-Fi CERTIFIED WPA3, a specification that adds support for both much-improved authentication and more robust encryption.

The WPA3 suite covers everything from making it simpler to implement complex passwords in a way an end user can easily remember to the encryption of network traffic as it moves between a mobile device and a wireless access point.

Specifically, users accessing public or open hotspots will be able to take advantage of Opportunistic Wireless Encryption (OWE), which automatically provides encryption without requiring an end user to necessarily authenticate their device. WPA3 also provides additional enhanced cryptography algorithms that are built into the framework. These advances are collectively designed to, for example, remediate Key Reinstallation Attack (KRACK) vulnerability that bypasses existing WPA2 network security protocols to steal data as it traverses unencrypted networks.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Celebrating the Economic Independence of Cybersecurity Professionals

June 29, 2018 by Mike Vizard

The fourth of July at its core in the U.S. is a national holiday that celebrates independence. Among IT professionals the group that enjoys the most independence are arguably cybersecurity professionals. Given the fact that the unemployment rate among cybersecurity professionals is a negative number most cybersecurity professionals are pretty much free to work anywhere they want. The issue for many of them is where best to apply their skills given both the level of demand for cybersecurity skills in a specific geographic region.

Indeed, an online job recruitment site, this week published a report that finds the top 10 cities that pay the highest salaries for cybersecurity professionals on average are San Francisco ($148,621), followed by San Jose, Calif. ($128,253), New York ($125,688), Chicago ($125,688) and Denver ($119,368).

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Barracuda releases global research on email security

June 29, 2018 by Christine Barry

Related:
Weighing up the
email security
threat in EMEA

Last month we released our global research on user training and email security. We have some commentary here and you can download the complete report here. We also have details in the press release here.

This research includes responses from 634 executives, individual contributors and team managers serving in IT-security roles in the Americas, EMEA, and APAC. Companies surveyed include small, mid-sized and enterprise businesses across several industries. Here are a few of the key findings:

Christine Barry

Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.

Connect with Christine on Twitter or LinkedIn.

https://blog.barracuda.com

Rapid Escalation of Application Integration Creates Major DevSecOps Challenge

June 26, 2018 by Mike Vizard

They say the primary enemy of cybersecurity is integration. The problem is the rate at which application integration occurs is now exponentially increasing with each passing day and it would appear cybercriminals are starting to take note.

This week Menlo Security, a provider of container software that isolates applications from underlying infrastructure, published a report detailing how a Zero Day cyberattacks exploit what it describes as an integration flaw within Microsoft Word. The report notes that a recently discovered new zero-day exploit, dubbed CVE-2018, employs a zero-day vulnerability to fetch a malicious Small Web Format (SWF) ﬁle from the Internet. The attack embeds an ActiveX control in the Word document that maps to Shockwave Flash Player. The problem is that any ActiveX control that is marked as “Safe for Initialization” does not prompt the user with any security alerts. That means is that the remote SWF ﬁle is fetched without prompting the user with any security alerts.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Threat Spotlight: Caught in the Wild—Millions of Phishing Attempts each Month try to Hook your Users

June 25, 2018 by Jonathan Tanner

When Barracuda first opened shop as an email security company nearly 15 years ago, spam was causing major problems in corporate inboxes. While spam bogged down users, the messages themselves weren’t typically malicious—a lot has changed since then. Today, criminals are using all types of tactics to launch attacks through email, including some clever phishing campaigns where the most effective line of defense is the human firewall.

The human what? You know, in a world where organizations have vendors jumping in front of each other to deploy their “best-of-breed” security solutions at HQ and everywhere else—the only thing between your company and a ransomware attack, could be whether or not your users click, or don’t click on a malicious link.

Let’s take a closer look at the types of phishing emails your users are up against each day, and what they can do to stay safe from creative cybercriminals.

Jonathan Tanner

Jonathan is a graduate of San Jose State University and a Software Engineer at Barracuda Networks. Connect with him on LinkedIn here.

https://www.barracuda.com

Main navigation

Barracuda