Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

Barracuda

Ransomware and phishing top concerns for IT professionals

960 640 Stuart O'Brien
Ransomware (24%) and phishing attacks (21%) are the top two concerns among IT leaders in 2018, according to new research.
Barracuda surveyed more than 1,500 IT and security professionals in North America, EMEA, and APAC about their IT security priorities, how these have shifted over the 15 years and what is expected to change within another 15 years.
Other key finding include:
  • In 2003, viruses (26%) and spam and worms (18%) were noted as the top two threats
  • In 2003 only 3% identified cloud security as a top priority. This number has gone up to 14% in 2018
  • 43% identified AI and machine learning as the development that will have the biggest impact on cyber security in the next 15 years
  • 41% also believe the weaponisation of AI will be the most prevalent attack tactic in the next 15 years

Overall, Barracuda says study indicates that while the top security priorities have remained consistent over the past 15 years, the types of threats organisations are protecting against has shifted significantly.

Looking ahead, respondents believe that the cloud will be a higher priority 15 years in the future and that AI will be both a threat and an important tool.

A full 25 percent of respondents said email was their top security priority in 2003, and 23 percent said the same about their current priorities.

Network security came in a close second for both 2003 and 2018 priorities, with 24 percent and 22 percent respectively.

31 percent of respondents chose AI as the new technology that they will rely on to help improve security, and 43 percent identified the increasing use of artificial intelligence and machine learning as the development that will have the biggest impact on cyber security in the next 15 years.

On the other hand, 41 percent believe the weaponisation of AI will be the most prevalent attack tactic in the next 15 years.

“Artificial intelligence is technology that is top of mind for many of the IT professionals we spoke with — both as an opportunity to improve security and as a threat,” said Asaf Cidon, VP email security at Barracuda. “It’s an interesting contrast. We share our customers’ concern about the weaponization of AI. Imagine how social engineering attacks will evolve when attackers are able to synthesize the voice, image, or video of an impersonated target.”

GUEST BLOG: Phishing and Facebook – A test of reputation for businesses

960 640 Stuart O'Brien
By Asaf Cidon, VP Email Security, Barracuda Networks
 
Facebook is never far from the news agenda, so it was no surprise to see the company under the media spotlight again when it was revealed that a recent hack exposed the personal information of 30m users.
After polling visitors to Cloud Expo earlier this year on their views of Facebook and data privacy, we took to the floor at the IP Expo show in London earlier this month to learn how businesses were feeling about their defences in the wake of the latest high profile attack. 
 
The last time we spoke to the tech industry at a UK trade show, it was on the back of the news that millions of Facebook profiles were apparently exploited for political purposes, so we were keen to understand how views had changed in the six months since then. 
 
Back in April, trust in Facebook appeared to have been badly affected, with 55% claiming that they trusted Facebook less as a result of the Cambridge Analytica scandal. Results from IP Expo further confirmed this, with 41% of respondents citing that they didn’t trust Facebook even before this latest news story. What’s encouraging is that individuals are taking measures to protect themselves – 28% said that they had amended their security and sharing settings as a result, almost identical to the 29% who said the same at Cloud Expo.
 
Individuals in the IT industry have definitely become more wary of how they’re using Facebook, but did this have any bearing on their business?
 
So what does this mean for businesses? 
 
Whilst we still don’t know a great deal about what happened, we do know that while initial reports suggested 50 million accounts were accessed, it was actually closer to 30 million.
 
Despite this smaller number, it’s clear that hackers were able to get unfettered access to a significant amount of sensitive information. For 15 million users, the hackers had access to their name, phone number, and email address.
 
But for 14 million users, the attackers had access to the above as well as their relationship status, work, education, religion, current city, gender, username, device type, pages followed, last ten places checked into or tagged in, and 15 most recent searches.
 
Much of the information up for grabs plays right into the hands of cyber criminals planning their next phishing attack, and as it also includes people’s workplaces, it’s only natural to assume that this could well lead to an increased risk of phishing attacks at work.
 
So is this a precedent that businesses should be prepared for?
 
More than a third of the visitors we spoke to at IP Expo (35%) felt that the Facebook hack was likely to increase the likelihood of phishing attacks on businesses, since attackers would be emboldened by its success. Around 20% of our respondents felt it could work the other way though, as businesses would be forewarned and, therefore, forearmed against such attacks. 
 
Whatever the reality, businesses are certainly not being complacent when it comes to resisting phishing attacks. One in four (25%) of the 200 businesses who took part felt that they have both the technology and the user education in place to feel very confident in their protection. Confidence in technology but not user education meant that 38% felt quite confident in their ability to resist an attack, whilst a focus on user education over technology had instilled confidence in 22%. Only 7% felt that they were sitting ducks, with neither the technology nor user education in place to protect their business.

What now for businesses and individuals?
 
Anyone who regularly uses Facebook needs to review their security and sharing settings immediately, if they haven’t done so already. This is especially important if you have other apps connected to your Facebook account, as this gives attackers even more of a prize should they take over your account.
 
For businesses, the best defence against phishing and spear phishing is to help make users aware of the threats and techniques used by criminals. Organisations should implement a simulation and training program to improve security awareness for their users, regularly training and testing employees to increase their security awareness of various targeted attacks. Simulated attack training is by far the most effective form of training, as it helps humans recognise the subtle clues to identify phishing attempts, and gives employees a baseline understanding of the latest techniques attackers are using.
 
Effective user training can help prevent a lot of attacks, but keeping out attacks that don’t enter via email requires a combination of effective perimeter filtering, specially designed network architecture and the ability to detect malware that may already be inside the network. Businesses also need to keep up to date with software, security and firewall updates to ensure they have the most sophisticated approach to security in place to defend against threats. This demonstrates that SSO/MFA are not the silver bullet of protection against account compromise, because if the authentication provider gets compromised all connected applications are breached. This demonstrates the importance of using AI that can monitor employee behavior and detect anomalies in real time.
 
With huge global organisations such as Facebook and Google showing themselves to be susceptible to cyber-attacks, it’s clear that businesses need to remain vigilant. Every new breach further proves that the public needs to preserve and protect their own cloud data, because the providers are not. 

Barracuda integrates with Microsoft Azure Virtual WAN

960 640 Stuart O'Brien
Barracuda Networks has announced support for Microsoft Azure Virtual WAN service through its CloudGen Firewall, extending networking security to organisations looking to deploy software giant’s solution.
In public preview since July, Microsoft Azure Virtual WAN provides optimized, automated, and global-scale branch connectivity and brings the ability to connect customers’ branches to Azure with SD-WAN and VPN devices (i.e. Customer Premises Equipment or CPE), with built-in ease of use and automated connectivity and configuration management.
 
The Barracuda connection to Azure Virtual WAN is automated: Users need only fill out authentication information and click ‘connect’. Barracuda also utilises dynamic routing protocols in the background to make sure new routes to new locations are automatically picked up and made available.
 
“Customers want choice and flexibility in the cloud, but they can’t sacrifice security,” said Tim Jefferson, VP Public Cloud at Barracuda. “By using our integration with Azure Virtual WAN, customers can have the best of both worlds — large-scale branch connectivity over Azure Virtual WAN with enhanced network security via the Barracuda CloudGen Firewall.”
 
“We’re pleased that customers looking to simplify branch connectivity and extend application workloads on Microsoft Azure now have access to the Barracuda integrated Azure Virtual WAN solution,” said Ross Ortega, Partner PM Manager, Azure Networking, Microsoft. “The integration between Azure Virtual WAN and Barracuda provides ease of use and simplification of connectivity and configuration management, hence providing optimized and automated branch-to-branch connectivity through Azure.” 
 
The integration is available now and can be leveraged by organizations using Azure Virtual WAN in the Public Preview.

RECOMMENDED: ANTI VIRUS

960 640 Stuart O'Brien

IT Security Briefing highlights some of the industry’s key suppliers of anti-virus solutions…

Glasswall-Logo-small-450x230

Glasswall 

Glasswall’s patented deep file inspection, remediation, sanitisation and document regeneration technology eliminates the threat from document-based malware. Glasswall processes files such as PDF, Word, Excel and image files in milliseconds, without relying on detection signatures.

Glasswall does not look for bad but ‘looks for good’, checking every byte of a document against the manufacturer’s file design standard, completely disarming and regenerating clean, standard-compliant files whilst preserving their full usability. The technology seamlessly integrates within email architectures and via an API into web, file transfer, data guards and diodes to deliver real-time protection from file-borne threats.

www.glasswallsolutions.com

 

logo_barracuda_main_black

Barracuda Networks

Barracuda Networks offers industry-leading solutions designed to solve mainstream IT problems – efficiently and cost effectively – while customer support and satisfaction remain at the heart of what it does.

Its products span three distinct markets, including: 1) content security, 2) networking and application delivery and 3) data storage, protection and disaster recovery. Barracuda simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications and data, regardless of where they reside.

Barracuda develops its products for ease of use and ease to deploy, to appeal to SMEs and the mid-market. Therefore, all of the documentation associated with its products is extremely easy for customers to digest and understand. Barracuda also maintains a continuous feedback loop including in-person seminars, user groups, online customer feedback forums, regular customer surveys and ongoing communication and assistance.

While Barracuda maintains a strong heritage in email and web security appliances, its award-winning portfolio includes more than a dozen purpose-built solutions that support all aspects of the network – providing organisations of all sizes with end-to-end protection that can be deployed in hardware, virtual, cloud and mixed form factors.

www.barracuda.com

If you’d like to highlight your Anti Virus solutions, contact lisa.carter@mimrammedia.com