Cybersecurity is an ever evolving field

 Attributed To: Anshuman Singh, Senior Director Product Management, Application Security, Barracuda Networks

·      Kindly give us an overview of the cybersecurity scene in India

While cybersecurity awareness is growing, there is a significant gap in the understanding of today’s IT practitioners of the threats and their impact verses the solutions they should be adopting to effectively combat these threats.

While most companies are aware of the need for traditional firewalls and anti-virus systems, these solutions form the first line of defense. Today, organizations face challenges from zero day attacks that traditional firewalls or AV are ill-equipped to handle.

Hackers are becoming more sophisticated. Be it email, network traffic or web application, each element in the network needs to be protected. Most organizations focus only on securing their data centers. As organizations grow, the need for distributed network grows, as networks reach out to POS devices in retail outlets, the security solutions deployed should be able to secure these end points in addition to the crown jewels that are in the data center.

Continuing to secure big distributed networks in addition to deployments in public cloud is a big challenge which is being exacerbated by lack of trained manpower.

·      We are in the first quarter of 2018. What are the things that we should be wary of in 2018 and would gain prominence?

Cybersecurity is an ever evolving field. New attacks surface frequently and newer protection mechanisms become available. In the last few months, there has been an increased  in Spear Phishing, DDoS and Zero day malware based attacks.

Organizations globally have lost millions of dollars to phishing attacks and business have had significant disruptions due to DDoS and zero day attacks. As organizations in India adopt email as core medium of corporate communication – they also are liable to be attacked via the email vector.

·      How is Barracuda Networks handling those threats? Tell us about some of your recent products

Over the last few months we have launched a slew of products and enhancements to our existing products to help our customers stay safe. Late last year, we launched Barracuda Sentinel, a machine learning / AI based security engine to offer protection against spear phishing attacks. Barracuda is currently the only vendor in the email security space that offers this protection.

We augmented our Barracuda Web Application Firewall product line with Active DDoS Prevention Service. This service offers an additional layer of protection to our customers, where the customer’s web traffic is directed through the Barracuda’s network scrubbing centers which looks for DDoS attacks and block them even before those attacks reach the customer’s data centers.

As Zero Day malware threats continue to grow, we continue to augment our Advanced Threat Protection service which is used by many of the Barracuda Networks’ products to offer protection against these Zero day malware attacks.

·      Recently there were reports about Aadhaar details being leaked online. What do you have to say about that? Is our data safe? How as individuals one should deal with the situation

There are claims and counter claims from people who say Aadhar data was breached and those who say it wasn’t. Most of the time the weakest link in the chain is an uninformed individual or a lax process. While the Aadhar data may be kept securely, we need to examine how various entities are dealing with Aadhaar numbers that they collect.

Most of the mobile service providers, banks and other organizations that are asking people to link their Aadhaar information to their accounts have scanners for fingerprints etc. in shops and offices where the computers may be tampered with to install malware and collect the data that is being scanned. So while the core Aadhar database may be safe, sensitive data could still be stolen.

We need to look at each link in the chain and see if each link has been effectively secured.

As individuals, we need to ensure that we keep the basics in mind. Things like, we don’t hand out our Aadhaar number to anybody without proper credentials or we need to be sure that we give our fingerprints only at an official location.

·      AI is being about talked like never before in this country. How do you think AI will impact cybersecurity?

Most of the machine learning capabilities that are being worked upon today are in the context of user behavior for retail ecommerce or Natural Language Processing for various uses but mostly in the context of automation for BPO and such.

There is a huge opportunity for applying machine learning to augment the security solutions and this is being worked upon by many companies internationally but this hasn’t made it in a big way to India yet.

Machine Learning will be utilized both by attackers and the defenders. So the good guys need to up their game and bring the best they have to offer. As cybersecurity evolves both state and non-state actors are acting as attackers. With limited manpower that is trained, the only way organizations will be able to effectively protect themselves is to use products that can work at scale and have the capability of detecting needle in a haystack. All this will be possible only with effective deployment of solutions augmented with machine learning capabilities.

·      Tell us in brief about your future roadmap and the things Barracuda Networks would be focusing on

Barracuda’s security team continues to development products to meet the demands of our customers. We address them either by enhancing the products themselves or releasing newer product lines such as Barracuda Sentinel.

At a global level, we see organizations slowly moving their deployments into public cloud. During our discussions, our customers tell us that while they are adopting the cloud there will always be a need for some elements to remain on-premises. Building solutions that work well in hybrid environment is an important roadmap element for Barracuda.

In many cases, customers prefer security elements also to be available As-a-Service. In 2016, we released our Barracuda Essentials suite for securing Microsoft O365 deployments. While we continue to augment Barracuda Essentials we continue to explore other avenues that may benefit from making our solutions available as a service.

As larger organizations step up the use for SD-WANs or as factories adopt IoT for efficiencies, security should be thought ground up. We have rolled out solutions that offer effective security for SD-WANs and large industrial grade IoT deployments. This is a growing need and we will continue to build our solutions to address the customer needs.