Cybersecurity is essential. But at Barracuda we believe that the key challenges CISOs face with security solutions – complexity, cost, management overheads and the negative impact they could potentially have on end user experience and productivity – are all avoidable. This was the premise on which Barracuda was started as our mission was to make robust email-security available to all businesses.
We have since expanded on this and today, our mission is to protect and support our customers for life. In line with this, Barracuda provides over 200,000 customers with easy, comprehensive, and affordable solutions for email protection, application and cloud security, network security and data protection.
Social engineering attacks: An average organisation is targeted by over 700 social engineering attacks each year of which phishing accounts for the large majority 49%, followed by scamming 39%. The majority 43% of these phishing attacks impersonate Microsoft, while WeTransfer 18%, DHL 8% and Google 8% are also popular brands with attackers. Email remains a top threat vector as 1 in 10 social engineering attacks is business email compromise BEC.
Organisations were successfully breached twice in the past 12 months as a direct result of an application vulnerability.
Ransomware: Barracuda researchers saw a 64% increase in attacks, year over year with attacks on corporations and businesses making up over half 57% of all ransomware attacks. The cost of ransomware is also increasing as 8% of the incidents had a ransom ask less than $10 million, and 14% of the incidents had a ransom ask greater than $30 million.
Automated attacks on applications: Organisations are struggling with bad bots, broken APIs, and supply chain attacks. In our recent ‘The state of application security in 2021’ study, we found that on average, organisations were successfully breached twice in the past 12 months as a direct result of an application vulnerability.
44% of respondents said bot attacks contributed to a successful security breach that exploited a vulnerability in the organisation’s applications. Businesses are struggling to keep up with the pace of these attacks, particularly newer threats like bot attacks, API attacks, and supply chain attacks, and they need help filling these gaps effectively.
Organisations are struggling with bad bots, broken APIs, and supply chain attacks
There are two areas in the wake of the COVID-19 pandemic that clearly warrant more attention as part of any effort to proactively reduce the total number of incidents that any cybersecurity team needs to manage.
Protecting against Social Engineering attacks: The global pandemic and shift to remote work have increased the corporate attack surface, making employees more susceptible to social engineering. With humans remaining the weakest link in the cybersecurity chain, protecting against social engineering attacks with solutions such as comprehensive email protection, anti-phishing, and endpoint protection is essential.
44% of respondents said bot attacks contributed to a successful security breach that exploited a vulnerability in the organisation’s applications
Cloud Application Security: Barracuda recently surveyed hundreds of IT security decision makers from organisations around the world, and the top five application security challenges they pointed to were bots, supply chain attacks, vulnerability detection, API security, and security slowing down app developments.
Cloud web application and API protection WAAP services are becoming an increasingly important line of defense against these threats with Gartner predicting that by 2023, more than 30% of public-facing web applications and APIs will be protected by WAAP.
Cybersecurity is essential. But the key challenges CISOs face with security solutions – complexity, cost, management overheads and the negative impact they could potentially have on end user experience and productivity – are all avoidable.
There are multiple areas in the wake of the pandemic that warrant more attention as part of any effort to proactively reduce the total number of incidents.