Cybersecurity is an ever evolving field
Attributed To: Anshuman Singh, Senior Director Product Management, Application Security, Barracuda Networks
·
Kindly
give us an overview of the cybersecurity scene in India
While cybersecurity awareness is growing,
there is a significant gap in the understanding of today’s IT practitioners of
the threats and their impact verses the solutions they should be adopting to
effectively combat these threats.
While most companies are aware of the need
for traditional firewalls and anti-virus systems, these solutions form the
first line of defense. Today, organizations face challenges from zero day
attacks that traditional firewalls or AV are ill-equipped to handle.
Hackers are becoming more sophisticated. Be
it email, network traffic or web application, each element in the network needs
to be protected. Most organizations focus only on securing their data centers.
As organizations grow, the need for distributed network grows, as networks
reach out to POS devices in retail outlets, the security solutions deployed
should be able to secure these end points in addition to the crown jewels that
are in the data center.
Continuing to secure big distributed
networks in addition to deployments in public cloud is a big challenge which is
being exacerbated by lack of trained manpower.
·
We are in
the first quarter of 2018. What are the things that we should be wary of in
2018 and would gain prominence?
Cybersecurity is an ever evolving field.
New attacks surface frequently and newer protection mechanisms become
available. In the last few months, there has been an increased in Spear Phishing, DDoS and Zero day malware
based attacks.
Organizations globally have lost millions
of dollars to phishing attacks and business have had significant disruptions
due to DDoS and zero day attacks. As organizations in India adopt email as core
medium of corporate communication – they also are liable to be attacked via the
email vector.
·
How is
Barracuda Networks handling those threats? Tell us about some of your recent
products
Over the last few months we have launched a
slew of products and enhancements to our existing products to help our customers
stay safe. Late last year, we launched Barracuda Sentinel, a machine learning /
AI based security engine to offer protection against spear phishing attacks. Barracuda
is currently the only vendor in the email security space that offers this
protection.
We augmented our Barracuda Web Application
Firewall product line with Active DDoS Prevention Service. This service offers
an additional layer of protection to our customers, where the customer’s web traffic
is directed through the Barracuda’s network scrubbing centers which looks for
DDoS attacks and block them even before those attacks reach the customer’s data
centers.
As Zero Day malware threats continue to
grow, we continue to augment our Advanced Threat Protection service which is
used by many of the Barracuda Networks’ products to offer protection against
these Zero day malware attacks.
·
Recently
there were reports about Aadhaar details being leaked online. What do you have
to say about that? Is our data safe? How as individuals one should deal with the
situation
There are claims and counter claims from
people who say Aadhar data was breached and those who say it wasn’t. Most of
the time the weakest link in the chain is an uninformed individual or a lax
process. While the Aadhar data may be kept securely, we need to examine how
various entities are dealing with Aadhaar numbers that they collect.
Most of the mobile service providers, banks
and other organizations that are asking people to link their Aadhaar
information to their accounts have scanners for fingerprints etc. in shops and
offices where the computers may be tampered with to install malware and collect
the data that is being scanned. So while the core Aadhar database may be safe,
sensitive data could still be stolen.
We need to look at each link in the chain
and see if each link has been effectively secured.
As individuals, we need to ensure that we
keep the basics in mind. Things like, we don’t hand out our Aadhaar number to
anybody without proper credentials or we need to be sure that we give our
fingerprints only at an official location.
·
AI is
being about talked like never before in this country. How do you think AI will
impact cybersecurity?
Most of the machine learning capabilities
that are being worked upon today are in the context of user behavior for retail
ecommerce or Natural Language Processing for various uses but mostly in the
context of automation for BPO and such.
There is a huge opportunity for applying
machine learning to augment the security solutions and this is being worked
upon by many companies internationally but this hasn’t made it in a big way to
India yet.
Machine Learning will be utilized both by
attackers and the defenders. So the good guys need to up their game and bring
the best they have to offer. As cybersecurity evolves both state and non-state
actors are acting as attackers. With limited manpower that is trained, the only
way organizations will be able to effectively protect themselves is to use
products that can work at scale and have the capability of detecting needle in
a haystack. All this will be possible only with effective deployment of
solutions augmented with machine learning capabilities.
·
Tell us in
brief about your future roadmap and the things Barracuda Networks would be
focusing on
Barracuda’s security team continues to development
products to meet the demands of our customers. We address them either by
enhancing the products themselves or releasing newer product lines such as
Barracuda Sentinel.
At a global level, we see organizations
slowly moving their deployments into public cloud. During our discussions, our
customers tell us that while they are adopting the cloud there will always be a
need for some elements to remain on-premises. Building solutions that work well
in hybrid environment is an important roadmap element for Barracuda.
In many cases, customers prefer security
elements also to be available As-a-Service. In 2016, we released our Barracuda
Essentials suite for securing Microsoft O365 deployments. While we continue to
augment Barracuda Essentials we continue to explore other avenues that may
benefit from making our solutions available as a service.
As larger organizations step up the use for
SD-WANs or as factories adopt IoT for efficiencies, security should be thought
ground up. We have rolled out solutions that offer effective security for
SD-WANs and large industrial grade IoT deployments. This is a growing need and
we will continue to build our solutions to address the customer needs.