Barracuda

Free in-depth report: Spear Phishing: Top Threats and Trends

March 19, 2019 by Christine Barry

Spear phishing has become one of the most dangerous threats to businesses across the globe. Barracuda has followed this threat closely and it has been the subject of several of our blogs and other published articles. Today our Barracuda email security experts are releasing a new report, ‘Spear Phishing: Top Threats and Trends,' which gives you a deep dive into these attacks and how they work.

Download the report here

This free report offers in-depth information on this global threat, including details on how these attacks are constructed, why they can bypass traditional email security defenses, and how you can protect your company.

Spear phishing is one of the most dangerous threats to businesses around the globe. Download this new report on the top threats and trends to learn how to protect your company from these attacks. Click To Tweet

Christine Barry

Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.

Connect with Christine on LinkedIn and follow her on Twitter here.

https://blog.barracuda.com

Senior leaders of organizations are making progress on becoming cybersecurity savvy

March 15, 2019 by Mike Vizard

One of the root causes of all the cybersecurity issues organizations encounter today comes down to the fact that historically cybersecurity has been treated as an afterthought. Applications have been built with little regards to how they should be secured. As a result, cybersecurity controls generally wound up being layered on top of and around applications and processes that otherwise would have been much more secure had even the most rudimentary precautions been taken.

Hope, however, does spring eternal. A new survey of technology and finance leaders conducted by Grant Thornton, a provider of accounting and consulting services, in collaboration with Technology Business Management (TBM) Council finds 75 percent of IT organizations are building cyber security into business strategy. But under the heading of the proverbial glass being only half full, only 50 percent claim they understand the effectiveness of these programs or have put a have a cyber-crisis response plan in place, the survey finds. That makes a little tough for at least half of the survey respondents to cost justify whatever investments they might have made in cybersecurity.

Cybersecurity has traditionally been an afterthought, with security being layered around and on top of applications and processes. That's starting to change. Click To Tweet

Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Your user reported a phishing email? What’s next?

March 14, 2019 by Olesia Klevchuk

No email security solution is 100% effective. Hackers put a lot of effort into developing attacks that circumvent email protection and end up in users inboxes. Every day IT and security teams receive dozens of reports from their users with suspicious messages that need to be investigated and remediated. With only 17% of attacks reported by users, businesses need effective forensics tools to help them stay ahead of attackers.

Register now for this free webinar

Spear-Phishing Incident Response:
Best Practices to Minimize Risk

Wednesday, March 20, 2019
11:00 AM PST

Already resource-constrained IT professional spend hours on incident response: trying to identify the scope of the attacks, impacted users, clean up malicious messages from inboxes and learn from the attack so that they can prevent it from happening again. These are time-consuming procedures when performed manually, and human error can leave gaps in the process. For most organizations it takes hours, if not days, to remediate a single incident, leaving the organization vulnerable to the spread of the attack.

Fortunately, there are steps you can take to improve your incident response through user education, automated incident response, and forensic analysis to block future attacks.

Manual incident response is tedious, time-consuming, and can increase the risk of a data breach or financial loss.Click To Tweet

Join me next Wednesday, March 20 for a free webinar to learn how you can build a more effective incident response program for your organization.

Why the rapidly rising tide of spear-phishing attacks doesn’t have to mean increasing risks

Why manual incident response can increase your risk of a data breach or financial loss
How to isolate, eliminate, and clean up after attacks, before it has the chance to spread
How to use post-incident forensics to proactively identify existing attacks lurking in delivered email
How Barracuda Forensics and Incident Response can make it faster, easier, and more effective

Register here for this free webinar. If you can't attend the webinar, you can register and then view the on-demand webinar on your own schedule.

Olesia Klevchuk

Olesia Klevchuk is a Senior Product Marketing Manager for email security at Barracuda Networks. In her role, she focuses on defining how organizations can protect themselves against advanced email threats, spear phishing and account takeover. Prior to Barracuda Olesia worked in email security, brand protection and IT research.

Connect with Olesia on LinkedIn.

https://www.barracuda.com

Managing an actionable cloud security framework

March 13, 2019 by Rich Turner

This post is the final post in a series of eight on the five pillars to actionable cloud security. For the rest of the series, visit the Five Pillars blog page here.

“And one to bind them…” J.R.R. Tolkien

Earlier, we described an Actionable Cloud Security Framework as a loop, that feedback from one pillar feeds into the next, and the framework is continually being tuned and managed to comply with the best practices that were established as part of each pillar to keep the framework secure and compliant. In an era of heightened security risks and concerns, compliance is taking on new meanings, not simply as complying with specific mandated written policies, but with infrastructures that maintain data and security policies that support the mandates to which those organizations are trying to comply.

Rich Turner wraps up his series on 5 pillars to a well-architected Azure security framework in this blog post on actionable security tools. Click To Tweet

To that end, a class of products is emerging, as services that monitor and manage organizations’ security postures. Some of these products are as basic as “benchmark checkers” that will evaluate an organization’s cloud security policies against industry standards such as CIS. Others aggregate the control planes used in the various pillars into single “pane-of-glass” management tools. Azure Security Center and Azure Graph are examples of such products in Azure.

Rich Turner

Rich is the Product Marketing Manager, Information Management. He's been with Barracuda since the acquisition of C2C Systems in 2014. Rich specializes in cloud-deployed solutions, information management, and archiving systems. His experience includes extensive work on OEM opportunities and the legal community.

If you'd like to get in touch with Rich, you can connect with him on LinkedIn and follow him on Twitter.

You can email Rich at rturner@barracuda.com.

AppSec News Roundup for February 2019: Credential stuffing, Facebook CSRF, public APIs, and more

March 13, 2019 by Tushar Richabadas

Here are a handful of the most significant #AppSec news items from February 2019.

More raw material for Credential stuffing attacks are turning up

Some of the major hacks in the last few years that haven’t leaked out are now turning up for sale. An unidentified hacker has released at least 3 rounds of these credentials for sale, with the last round costing about $9350. They have claimed that the databases include credentials for Pizap, who’ve stated that they are not aware of a hack and will investigate immediately.

Tushar Richabadas

Tushar Richabadas is a Product Manager for the Barracuda Web Application Firewall and Barracuda Load Balancer ADC. His current areas of focus are Cloud and automation. His prior roles ranged from leading networking product testing teams and technical marketing for HCL-Cisco. Tushar closely tracks the rapidly increasing impact of digital security and is passionate about simplifying digital security for everyone.

Connect with him on LinkedIn here.

http://www.barracuda.com

Barracuda’s Erin Hintz on storytelling, simplicity, and doing what you love

March 8, 2019 by Christine Barry

Today is International Women's Day, and Barracuda has been celebrating all week by sharing words of wisdom from notable women in tech. International Women's Day (IWD) is a global day celebrating the social, economic, cultural and political achievements of women. People around the world use this day to advocate for gender parity. The theme for IWD 2019 is #BalanceforBetter, which speaks to the vision of a gender-balanced world.

As part of the worldwide effort to raise awareness to this issue, Barracuda SVP & CMO Erin Hintz participated in an exclusive panel with six other high profile women in business. The panel was hosted by Siegel+Gale, a global branding firm that celebrates IWD each year by holding events in several cities to highlight successful women who are building some of the world's most prominent brands.

Erin joined several other executives in San Francisco to discuss their personal journeys and the lessons they've learned along the way. Here's some of Erin's participation in the panel discussion:

Christine Barry

Connect with Christine on LinkedIn and follow her on Twitter here.

https://blog.barracuda.com

Time for cybersecurity teams to stop cleaning up someone else’s vulnerability mess

March 8, 2019 by Mike Vizard

The fundamental problem with cybersecurity today comes down to the simple fact there isn’t enough time in the day to discover and remediate all the potential vulnerabilities that exist within any IT environment.

A survey of 600 cybersecurity professionals conducted by the Ponemon Institute on behalf of Balbix, a provider of vulnerability discovery tools infused with artificial intelligence (AI), finds 67 percent of respondents admit they don’t have the time and resources required to mitigate all the vulnerabilities in their environment. A full 60 percent admit they don’t even have visibility across all their IT assets. As any cybersecurity professional knows, an organization can’t patch what it doesn’t know it has. In fact, over half (53%) say they only run vulnerability scans either on an ad hoc basis or once a quarter.

'Regardless of how they are introduced, there will always be vulnerabilities in software. The real challenge is finding a way to reduce those number of vulnerabilities to a point where they become manageable.' ~Mike Vizard Click To Tweet

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Barracuda’s Diane Honda on building stronger companies through diversity

March 8, 2019 by Anne Campbell

How can you build a better corporate board that will help make your organization more successful? Diversity is key.

Each year, DirectWomen, an organization focused on promoting women lawyers for service on corporate boards, selects a group of distinguished lawyers to participate in the Board Institute, which will be held in New York City in October. We’re pleased to announce that Diane Honda, Senior Vice President of Human Resources, General Counsel and Secretary for Barracuda has been selected as one of 18 women from across the U.S. to be a member of the 2019 DirectWomen Board Institute class.

To celebrate International Women’s Day, we sat down with Diane to discuss the Board Institute, the importance of diversity on corporate boards, and the changing role of women in technology.

Congratulations to Barracuda's Diane Honda on being named to the 2019 @DirectWomen Board Institute class Click To Tweet

Anne Campbell

Anne Campbell is the public relations manager for Barracuda. She's been with the organization since 2014, working on content and public relations for Barracuda MSP, the MSP-dedicated business unit of Barracuda. She started her career in newspaper and magazine journalism, and she brings that editorial point of view the work she does, using it to help craft compelling stories.

https://blog.barracuda.com

The fifth pillar to actionable cloud security – Incident Response (IR)

March 6, 2019 by Rich Turner

This post is the seventh in a series of eight on the five pillars to actionable cloud security. For the rest of the series, visit the Five Pillars blog page here.

For a number of organizations, Incident Response (IR) is the first symptom of a non-actionable cloud security framework. Often, incidents aren’t even identified until well after they have occurred, and damage has been done. In those cases, response quickly escalates to remediation, and there are numerous cautionary tales of companies being irreparably harmed by large and undetected breaches and incidents.

For many organizations, incident response (IR) is 1st symptom of non-actionable cloud security framework. Within an actionable IR Framework, incidents are security or compliance failures that can be found and resolved before damage is done. Click To Tweet

Rich Turner

If you'd like to get in touch with Rich, you can connect with him on LinkedIn and follow him on Twitter.

You can email Rich at rturner@barracuda.com.

Securing the workspace with Awingu & Barracuda

March 5, 2019 by Arnaud Marliere

Expectations of our “workspace” are evolving. The age-mix of businesses is shifting with a much bigger concentration of ‘millennials’. A study from PWC suggests 50% of the global workforce will be constituted of millennials (pdf). These millennials bring whole new expectations in flexibility, mobility, and BYOD – and these come on top of the overall business dynamics in the 21^st century, resulting in the adoption of cloud services, AI-based. In parallel, businesses are constantly under pressure of cyber attacks.

Clearly, the way we secured our business and workspaces yesterday, will not be suitable for tomorrow (or today). It will require a new mix of tools and way of working.

The way we secured our business and workspaces yesterday, will not be suitable for tomorrow (or today). It will require a new mix of tools and way of working. Click To Tweet

Arnaud Marliere

Arnaud is CMO and Country manager UK&I at Awingu. After spending multiple years running Cloud and IT related initiative at Belgium’s largest Telco Belgacom, and, strategic consulting projects at The Boston Consulting Group, Arnaud joined the Awingu team. He heads the Marketing & inside sales team, the strategic partnerships with Microsoft, Barracuda, and BlackBerry, and combines this with the country manager role for the UK & Ireland.

Connect with Arnaud on LinkedIn here.

https://www.awingu.com/