CyberWire Daily - CyberWire Pro Interview Selects: Hatem Naguib of Barracuda Networks.
Episode Date: December 24, 2021During our winter break, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a cura...ted selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Hatem Naguib, new CEO of Barracuda Networks, to discuss his views on how cybersecurity trends have drastically changed over the past year, including the rise of ransomware. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
It is that time of year when people tend to start looking back at what this year has brought
to try to help plan for the coming year.
It's been an active, accelerating year in cybersecurity with ransomware top of mind for many.
Hatem Naguid is CEO of Barracuda Networks,
and he shares these insights. As you know, we have quite a portfolio of products that we deliver
from a security perspective, and we have access over the last several years to almost 200,000
customers using our products across direct customers through partners and MSP.
And that gives us an enormous amount of threat intelligence that we get to process on a daily basis.
We also provide services for our customers around backup and data recovery.
And so the enormous number of petabytes that we store for them and we manage for them in our cloud
become an important data element that helps us determine what's happening within our customer base.
Our Threat Intelligence team, led by Fleming Shi, our CTO, does both analysis and then
build solutions and capabilities to help alleviate the challenges that customers are having,
but also give insights to our customer base about what better approaches
and the types of attacks that are coming in so that they can take remediation activities
as necessary.
We incorporate those into the product, so we make it as automated as possible for our
customers not to have to worry about what types of attacks are coming in, and we try
and block as much as possible through that without impacting their ability to do their businesses, which is what they've signed us up for.
So over the past year or so, what are the things that have really attracted your attention? What
are some of the trends that you all are tracking? Well, I think on the ransomware side, we've
definitely seen the evolution of that attack, both in its level
of sophistication and, I think, in the scale with which it's being leveraged. It's interesting. I
think from a lot of our customers' perspective, they think, and I think they have a frame of
reference about the type of attacks that occur, that it's an individual hacker or somebody going
in to try and create the
malfeasance that occurs within their environment.
What we've clearly seen is the growth of these almost corporate criminal gangs now that have
been leveraging and weaponizing the capabilities to deliver ransomware as a service.
I think they've clearly taken advantage of what I would say is, at some level, digital transformation.
At other levels, a significant amount of transformation change that's occurred at the customer base with COVID.
People having to work from home, that they manage for their customers.
And so with that, we've seen an increase in the number of attacks.
We've seen an increase in the size and amount of ransomware asks that are coming in. And I think what we've also seen is a much broader number of targets being pursued by this
that has really, I think, surprised, unfortunately, some of these customers,
but by and large has been kind of the soft underbelly now starting to being taken advantage of
by these criminal operations.
of by these criminal operations. You know, you mentioned that at Barracuda, you have a real breadth of insights into the things that your customers are doing, you know, protecting their
networks, but also helping them with their backups. And I'm curious what you're seeing in terms of
your customers kind of turning those knobs, deciding where are they going to spend their
resources, their time, their attention for protecting themselves against these things?
Are those techniques evolving themselves? Yeah, I think they are. I think it's a really
good question, actually. I think customers have evolved from what I would refer to as kind of
the classic, we'll put a firewall in an antivirus and a backup as a security strategy to recognizing that they have to be as sophisticated or one step ahead of the attackers, which means they have to look at multiple threat vectors and ensure that they've got a comprehensive security strategy.
of security strategy. What that's typically meant for them is to look at technologies that allow them to put security closer to what would be referred to as the edge. And I mean edge not
just from an infrastructure perspective, but from the device, the person, and the application and
where it resides, and to be able to really look at the behavioral aspects of what's happening
for each of those elements.
So a great example of that is that we've seen a significant amount of our customers leverage
our Sentinel product, which allows for BEC anti-phishing and really looking at behavioral
anomalies to determine when account takeovers have occurred and how to remediate against
that versus just the classic gateway type of solution,
which would look at something coming in. Is it good or bad? And then stop it.
Similar types of things within the context of protecting against attacks for applications or attacks against the infrastructure,
really building intelligence to understand what's happening and being able to provide both
intelligence back to the customers in terms of how to remediate it, but also delivering that
in an automated aspect. I think one more thing I would just add to that is that data has become
significantly more important in terms of what customers are storing and how they're storing it.
So whereas before they would have looked at backup as just an element of how do I make sure I'm managing all of the entities in my organization and I've got them in some capability
I can restore. Now it's become more important to understand, well, what exactly is sitting where?
Is my employee data also being backed up? How am I managing the privacy concerns that I've got of
my customers? And so that's also, I think, for our customer base, increase the engagement
interaction with our products to have those features and capabilities. As you look ahead to
the next year or so, is it more of the same? Do you think there's going to be additional
adjustments that need to be made? Any thoughts on that? Well, we're definitely seeing, I think,
a broader cross-section of customers engaging more actively in addressing
their security concerns. I think the industrial
companies becoming targets,
companies that would typically not be considered the most technology-sophisticated
so less prone to these types of challenges
have now seen themselves become much more prone.
We've seen significant investment in education, SLED, government, which I think is a very positive sign.
And I think what we're also seeing on two fronts, one is good cooperation in the industry to help the customers deal with this. I think everybody sees security as an everybody problem and not just one individual company is going to be able to address that.
So you see the levels of investments we're making, but you also see other companies making substantial investments to ensure that they're providing the best capabilities from a security perspective, a la Microsoft or Google, etc.
capabilities from a security perspective, a la Microsoft or Google, etc.
I think that the other aspect that we're definitely seeing within the customer base is more managed services being delivered for those customers.
I think they recognize with the challenges of getting resources and the overwhelming
number of alerts that come through, it's a perpetual game of catch-up.
And so companies like us that are delivering
kind of the managed services capabilities around this
are seeing significant interest and attraction
from customers around that.
Yeah, that's interesting.
It strikes me that there's a real desire out there
among organizations, particularly your small
and medium-sized businesses.
They're coming to folks like you at Barracuda and saying, please ease my pain.
Please help me.
I can't handle this velocity.
It's unfortunate.
I wish that wasn't the case, but you're absolutely right.
It's only the 1% of companies that really have the resources and capabilities to be able to manage it.
And those companies are well protected, right?
They deal with attacks.
If you talk to global banks, you know,
they spend hundreds of millions of dollars a year to manage that.
The average company that we work with doesn't have those resources,
can't hire fast enough,
and sees a threat landscape that's becoming significantly more sophisticated.
And this is where we, you know, our job, our mission is to work with these companies
to make sure we build a safer world for them.
That's Hatem Naguid from Barracuda Networks.