Barracuda

Security, Access and Reliability for Cloud-Connected Networks and Applications

Barracuda

The third pillar to actionable cloud security – Network Security (NetSec)

by

This post is the fifth in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here

Many organizations make the mistake of beginning their cloud security framework discussions around NetSec, as this was traditionally how they secured on-premises infrastructure, since all elements of the network were in-house and under direct IT control.  Companies erroneously assume that because they are leveraging a cloud infrastructure, either they will be less secure than when they “owned” all those resources, or that they can simply mirror their on-premises network security controls in the cloud.

Companies err in assuming that a public cloud infrastructure will either be less secure than the on-premises version, or that they can simply mirror their on-premises security controls in the cloud. ~ @rkturner1 Click To Tweet

Again, the cloud is different.  The Shared Security model under which all cloud ecosystems operate inherently guarantees security of the network – but can’t guarantee the security of the companies who are accessing it.  Or put another way, organizations using the cloud need to put security measures in place that will ensure they are not the source of threats and compromises.

[Read more…] about The third pillar to actionable cloud security – Network Security (NetSec)

Cyber-criminals versus white hats: The battle continues in 2019

by

It’s an epic confrontation seemingly without end. On the dark side: a sophisticated global underground economy worth potentially trillions of dollars. On the other: a balkanised group of law enforcement organisations, security researchers, vendors, academics, and national governments. Already this year, we’ve seen both sides make their first moves. The only thing that’s certain is that the CISOs stuck in the middle will continue to lose sleep over mounting threats.

As we move through 2019, IT security must become more proactive and business-aligned, because as good as law enforcement can be the underground economy will continue to undermine digital growth and corporate reputations.

It’s an epic confrontation seemingly without end. The only thing that’s certain is that the CISOs stuck in the middle will continue to lose sleep over mounting threats. ~Phil MuncasterClick To Tweet

[Read more…] about Cyber-criminals versus white hats: The battle continues in 2019

Digital business transformation requires zero-trust

by

When it comes to cybersecurity the primary enemy is integration. Without integration, all our applications and systems would be inherently secure. Alas, most applications only provide business value when they are connected to another application. The inherent problem that creates from a cybersecurity perspective is any IT environment is only as robust as its weakest application link.

An Accenture Technology Vision 2019 report published this month highlights how problematic this integration has become. The report finds that only 29 percent of the 6,672 business and IT executives surveyed know whether partners are working as diligently on security and compliance as they are. Cybercriminals are constantly scanning for vulnerabilities within organizations that can treat as a gateway to penetrate a larger ecosystem. Even ecosystems manage by industry behemoths such as Apple and Google are vulnerable. It was revealed this week that more digital pirates are creating clones of applications that wind up being deployed on the Apple Store because the credentials of developers have been compromised. Google and Microsoft are dealing with a similar issue. Cryptominers have embedded their malware in applications being downloaded via Google Play and the Microsoft Store.

'Without integration, all our applications and systems would be inherently secure. Alas, most applications only provide business value when they are connected to another application.' ~ Mike VizardClick To Tweet

[Read more…] about Digital business transformation requires zero-trust

AppSec News Roundup for January 2019: WebStresser, Mirai, reCAPTCHA, and more

by

Application security news never stops, and it can be hard to follow all of the incidents that are #AppSec related.  In this roundup, I've picked a handful of the most significant news items from January 2019.  

Credential Stuffing Attacks are increasing, and free raw material is abundant

Credential stuffing attacks are becoming increasingly common and visible. Two especially visible examples occurred in the last couple of months – Warby Parker and DailyMotion.  For more information on credential stuffing attacks, including anatomy of an attack and a diagram, visit the OWASP site here.

A “megabreach” was also discovered this month. As with most such “megabreach” credential dumps, this one seems to be a merged list of multiple older breaches, with a few million newer credentials in the mix.

Troy Hunt’s HaveIBeenPwned has integrated this list, in case you want to check on your credentials.

Our latest #AppSec blog discusses credential stuffing, megabreaches, and includes resources to help you find out if you are a victim. Click To Tweet

[Read more…] about AppSec News Roundup for January 2019: WebStresser, Mirai, reCAPTCHA, and more

The second pillar to actionable cloud security – Detection Controls

by

This post is the fourth in a series of eight on five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

This next step or pillar relies on first being able to determine who is allowed access and to what – and then detecting anomalies.  Typically, Detection Controls focus on intrusion, more commonly known as Intrusion Detection Systems (IDS).  These are automated, and are designed to monitor and analyze network traffic, and to generate an alert in response to activity that either matches known malicious patterns or is anomalous.  Some IDS controls go further:  they will trigger automated processes that can include recording suspicious activity or scanning the computers involved to try to find signs of compromise. 

An IDS differs from a firewall in that the IDS looks for intrusions that 1) have already occurred 2) are currently underway, or 3) originate from within the network. ~ @rkturner1Click To Tweet

[Read more…] about The second pillar to actionable cloud security – Detection Controls

Planning another great year with Microsoft at Ready Winter 2019

by

Barracuda is looking forward to being a part of Microsoft Ready in Seattle this week. If you’re a Microsoft internal team member attending this kickoff event, we look forward to connecting and celebrating with you in the shared area (Booth #213) in the Ready Zone or at the happy hour we’re hosting on Tuesday.

Over the years, Barracuda and Microsoft have shared a rewarding partnership, and we look forward to continuing to work together to find new ways to provide security solutions to Microsoft Azure customers and ensure we ware tightly integrated.

Barracuda looks forward to continuing to work together with Microsoft to find new ways to provide security solutions to Microsoft Azure customers and ensure they are tightly integratedClick To Tweet

[Read more…] about Planning another great year with Microsoft at Ready Winter 2019

Cybersecurity spending on the rise is both good and bad news

by

A survey of subscribers to the eSecurity Planet web site published this week confirms that it’s the best and worst of times for cybersecurity.

The survey finds more than half of respondents (54%) plan to increase their IT security spending this year, with 30 percent aiming to increase their spending by 10 to 20 percent or more. The survey also notes that 57 percent of respondents report their organizations plan to hire additional security staff in the next 12 months. That signals there is some welcome relief on the way for hard-pressed cybersecurity professionals. It also indicates clearly that organizations are planning to throw a lot more money at a cybersecurity problem that continues to frustrate all concerned.

Recent survey: most organizations plan to increase their IT security spending this year, with 30% planning to increase by 10-20% or more. Click To Tweet

[Read more…] about Cybersecurity spending on the rise is both good and bad news

Protect yourself from W-2 scams

by

Tax season in the US is just a few months away, and companies are already working on compiling and distributing the W-2 forms and other tax-related information to prepare for filing.  As you may have guessed, the criminals are also thinking about tax season and working out ways to steal your identity, sensitive information, and hard-earned tax refunds.

If a W-2 attack is successful, the victim may suffer multiple incidents of identity theft due to the data being sold to other criminals via the dark web. Click To Tweet

Why the W-2 form?

The W-2 tax form is a responsibility of every employer engaged in a trade or business that pays for services performed by an employee, and nearly every employee in the United States receives one of these each year.  These W-2 forms detail the employee's name, address, Social Security Number, wages, tax deductions, and other personal information.  Cybercriminals and tax scammers want this information so they can steal your identity, file fraudulent tax returns or sell it on dark web.   With your W-2 in hand, these criminals can generate multiple streams of income from a single identity.  There are details here if you'd like to learn more about W-2 forms

[Read more…] about Protect yourself from W-2 scams

The first pillar to actionable cloud security – Identity and Access

by

This is the third post in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

Since the cloud isn’t an on-premises solution, securing access is a natural starting point.  Traditionally, customers look at identity management and access management from the standpoint of users.  Users, which can be further categorized into groups, will also have associated roles, and permissions associated with these roles.

Even within similar organizations – example, a company may have multiple groups within a larger development organization, with different permissions associated both to the roles those users have and the groups to which they belong.   It is not necessarily a linear relationship.

'As organizations look to leverage cloud services for transformation, they must be sure to understand those services in terms of how they are accessed and managed.' ~@rkturner1Click To Tweet

[Read more…] about The first pillar to actionable cloud security – Identity and Access

Come to terms with the real enemies of cloud security

by

One of the biggest issues with cloud security arguably has very little to do with technology. Most breaches involving the cloud are generally the result of one misconfiguration or another. In theory, that should not be a big deal if the files being purloined are encrypted. But new research from Vera Security, a provider of information rights management tools, confirms what most cybersecurity professionals already know all too well. Only four percent of breached files were encrypted.

Most end users can’t seem to be bothered with encryption. Despite all warnings to the contrary, unencrypted data is strewn across the extended enterprise. In fact, only 35 percent of respondents to the Vera Security build encryption into security processes and procedures across the board, and only 26 percent employ digital rights management that could be employed to revoke access rights to a file.

Recent survey: only 35% of cybersecurity professionals build encryption into security processes and procedures across the company. ~ @MVizard Click To Tweet

[Read more…] about Come to terms with the real enemies of cloud security