Data security is one of the most key elements for organizations today and they are now very much aware it’s importance. They hire best officers to make their IT infrastructure secure and deploy the best suitable solutions to improve their security structure. To empower organizations against advanced data breach incidents, Barracuda Networks offers wide range of next-gen security solutions. To dive deep into the state of cyber security, Rajeev Ranjan, Editor, Digital Terminal recently held an exclusive interaction with Parag Khurana, Country Manager, Barracuda Networks India, Mr. Parag shared crucial insights about the cybersecurity market, their offerings, new trends and much more. Read below the excerpts:
Rajeev: How do you see the landscape of the Indian Cybersecurity market? What important role do you play to provide best solutions to Indian companies?
Parag: We have entered a new era of digitisation post the COVID 19 outbreak. But it has come with its own set of consequences. The rising adoptions of cloud platforms, digital payments, remote workforce and other factors have increased the cyber threats in the country. With extensive implementation of fast-developing innovative technologies like AI, ML, IoT devices, 5G mobile, it can also lead to new cybersecurity risks, giving malicious actors fresh possibilities to penetrate corporate networks and steal sensitive data.
Data breaches experienced by digital platforms like JustDial, JusPay or Dr Reddy’s indicate the data security situation in India. Indeed, 79% of Indian businesses had been the victim of at least one ransomware attack according to a Barracuda report titled The state of network security in 2021.
We at Barracuda envision a safer world by offering cloud-first security solutions that are easy to buy, deploy and use. For instance, we recently expanded the capabilities of Barracuda Cloud Application Protection to protect businesses against the growing OWASP vulnerabilities to websites and applications such as bad bots and supply chain attacks.
We also expanded our cloud-native SASE platform with new capabilities for hybrid deployment models and IIoT environments. Combining with zero trust and SD-WAN capabilities, it solves common security for remote access, connectivity, and scalability challenges businesses face in this digital transformation age.
Together with Barracuda Email Protection that provides comprehensive AI-powered email protection, and Barracuda Cloud-to-Cloud Backup that offers fast and resilient backup for Microsoft 365 data, we protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers’ journey.
Rajeev: Why do you think it's difficult to detect malicious HTML attachments?
Parag: Malicious HTML attachments are commonly used in email communication that users might receive regularly for credential phishing. They include URL links to a phishing site, which, when opened, gets redirected to a third-party machine that requests the users to enter their credentials to access information or download a file that may contain malware.
Attackers have been embedding HTML attachments in emails disguised as an important document, tricking users into clicking on phishing links. These are successful techniques because HTML attachment itself is not malicious, but eventually routes the user to a malicious site instead. Hackers no longer need to include malicious links in an email attachment but instead, use multiple redirects with Java script libraries hosted elsewhere. This allows them to bypass anti-spam and anti-virus policies easily.
Rajeev: Critical infrastructure is under attack. What are the significant challenges that businesses are facing?
Parag: Critical infrastructure will continue to face significant security challenges even in 2022. As per our report titled The State of Industrial Security in 2022, organisations struggle to protect operational technology (OT) from breaches as attacks are widespread. Insecure remote access, lack of network segmentation, and insufficient automation leave organisations across sectors open to attacks.
In India, the critical infrastructure is traditionally referred to as the rail system, airports, ports, oil and gas companies, and government-owned public utilities/companies. But today, even large businesses like telecom, gas, electricity providers, hospitals and large banks too are a part of this infrastructure. Even though they are successfully implementing advanced security technologies, they experience various challenges when implementing IoT security projects.
Moreover, scalability of the solution, level of security provided by the solution connectivity, lack of control over external devices joining the network, lack of technical knowledge and dealing with legacy infrastructure too are some of the critical concerns of the organisations when implementing IIoT/OT security projects.
Rajeev: More investment is required to enhance industrial security. What are the challenges that companies might face when it comes to implementation, including basic cyber hygiene?
Parag: Companies need to reconsider and reassess their investment strategies to improve existing security parameters. In many cases, organisations suffer from a gap in security professional who can uphold security capabilities and defend business against growing threats. For many SMEs, it could be due to budgetary constraints. Without a sufficient budget allocated for industrial security, a company will not have access to neither the latest cybersecurity tools and frameworks nor the necessary professionals required to operate them. On top of that, insufficient security awareness training leaves employees vulnerable to attacks. Under such a scenario, a company is akin to a sitting duck in an ever burgeoning threat matrix that is swarming with predatory rogue actors and cyber masterminds who are constantly targeting companies with subpar defenses.
Rajeev: How do you sell your solutions in the Indian market? Please share about your channel network. Please share the name of key distributors in India.
Parag: A country like India promises huge potential for a global cybersecurity firm like us. As a channel dedicated company, we build success with our partners and distributors, such as Hitachi Systems Microclinic Pvt. Ltd., Valuepoint Systems, Dynamic Group, etc. to name a few, and grow together by offering comprehensive and innovative security solutions. We ensure our partners get all the support they need to succeed and secure customers’ businesses, which means we invest in onboarding and enablement to provide training and tools partners need to successfully sell Barracuda solutions; marketing and sales support to create qualified leads and co-operation programs with partners, and excellent customer support.