Cybersecurity

Comprehensive And Affordable Cyber Security Solutions; Interview With Riaz Lakhani, Chief Information Security Officer at Barracuda

Comprehensive And Affordable Cyber Security Solutions

Riaz Lakhani is Chief Information Security Officer at Barracuda and in his role, he is responsible for setting the strategy, managing implementation, and driving all aspects of Barracuda’s information security program. Lakhani joined Barracuda in 2017, leading security, compliance, and risk management for the company. Since then, he has worked closely with Barracuda’s product, cloud operations, IT, legal, and HR teams to design, support, and implement broad security practices across a number of areas, including enterprise operations, product and IT infrastructure, product development, and governance, risk, an compliance. Find out more in this exclusive interview with TechBullion.

Please tell us more about yourself and your current role as a Chief Information Security Officer at Barracuda.

My name is Riaz Lakhani, Chief Information Security Officer at Barracuda Networks. With over 12 years of cybersecurity experience, I’ve had the privilege of working with a diverse range of companies, helping them fortify their digital defenses and fight the good fight. Before joining Barracuda in 2017, I began my career as a security assessor, evaluating the cybersecurity posture of various Fortune 500 companies.

At Barracuda, my role is multifaceted. I’m tasked with setting our security strategy, managing implementation, and driving all aspects of our information security program. My team and I work closely with various departments across the organization, including product development, cloud operations, IT infrastructure, legal, HR, and more, to ensure broad security practices are in place. We collaborate to ensure we have the strongest cybersecurity platform to deal with ever-evolving threats.  

With an overview of the online security market, tell us more about Barracuda, the unique solutions you provide, and why Barracuda’s services are in high demand today?

Some of the most critical cybersecurity challenges organizations face today include securing their infrastructure against sophisticated attacks, ransomware, and account takeovers (ATO). Additionally, protecting web applications from injection attacks and maintaining compliance with various regulations are ongoing concerns for many companies — of all sizes. 

Barracuda offers a comprehensive cybersecurity platform that takes a holistic approach to protecting common attack surfaces including email, networks, data, and applications. The platform is powered by threat intelligence and machine learning layers, and we provide Managed XDR capabilities across all attack vectors. Barracuda maintains compliance with various regulations such as HIPAA, GDPR, and SOC 2 to ensure we can help our customers deploy solutions that meet their compliance requirements. Ultimately, we empower organizations to defend against the latest complex threats, ensuring the security and regulatory compliance of their digital assets.

It’s not a question of if an attack will happen, but when. Many organizations have invested in prevention, but they need to do more for detection and response. We help customers address this with Barracuda Managed XDR, which uses advanced analytics to combine and correlate telemetry streams from multiple data sources into a single dashboard, reducing the time it takes to identify and contain threats.

With email being a primary target for cyber attacks, how does Barracuda’s email protection solutions stand out in terms of effectiveness and ease of implementation?

Our email protection solutions stand out for their effectiveness and ease of implementation due to our commitment to a defense-in-depth approach to email security. The traditional approach of a single email gateway solution on its own can no longer effectively tackle the ever-evolving and multiplying nature of email threats. Barracuda combines email gateway defense, API-based inbox defense, and web security to make it easy to protect against all 13 email threat types.

In fact, Barracuda research based on phishing email detections between January 2024 and April 2024 shows that using Microsoft 365 native security alone, without a complementary API-based email security solution, has a miss rate of 47%. The Microsoft miss rate is higher for more advanced email attacks: Microsoft business email compromise detection has a 70% miss rate, and conversation hijacking attacks are missed at a rate of 87%.

Barracuda’s SaaS email protection solutions use a unified interface, so it’s easy to onboard customers. We offer simple self-serve setup options for easy implementation, and customers who need additional support with configuration can take advantage of our professional services options. Our knowledge base is also a great resource for help with custom configurations.

Application security is increasingly crucial in today’s digital systems. How does Barracuda ensure robust protection for applications without sacrificing user experience?

We’ve spent a lot of time ensuring effective protection with a low false positive rate. This has taken many forms and evolved over the decade we’ve been working on this — from the early iteration we call Smart Signatures to our latest machine learning-powered, risk-based attack detections. When it came out, Smart Signatures was the most efficient way of identifying and blocking attacks. It is a layered processing engine that has been tuned over the years to identify attacks early on, reducing the need for frequent signature updates. So, when it comes to zero-day protections, we are already protecting against these attacks — all the while offering lower false positives, ensuring that end-user experience is not compromised.

The ML-powered detections started their life as the Advanced Bot Protection suite. As we gained experience, we were able to translate that experience into models that could identify the riskiness of each client and each request and then maintain the context to block the attacker. This has also been translated into a capability called Privileged Account Protection where our models validate each user post login to identify and alert on anomalous behavior. All these models are continually tuned to ensure that they offer low false positive rates and adapt quickly to the application they are protecting.

Ease of use is a key component of our cybersecurity platform. Two very important capabilities that support this for Barracuda Application Protection are the Auto Configuration Engine and API Discovery. Auto Configuration Engine uses machine learning to identify and provide configuration recommendations to admins, reducing their workload and improving security by also identifying missing configurations. Machine learning-powered API Discovery looks at live traffic to identify and secure API endpoints. This is particularly important as many admins are not aware of the API endpoints the applications they are responsible for are exposing — the so-called Shadow APIs. API Discovery automatically identifies these endpoints and turns on the relevant security capabilities, ensuring complete protection.

So, when it comes to user experience, we look at all the aspects — from an end-user and admin perspective — to ensure effective low false positive security that does not interfere with application behavior.

Network protection is a cornerstone of cyber security. Can you highlight Barracuda’s approach to safeguarding networks against evolving threats and vulnerabilities?

In the ever-evolving threat landscape, where ransomware, advanced persistent threats, targeted attacks, and zero-day exploits loom large, the need for sophisticated defense is crucial. At Barracuda we take a multifaceted approach to safeguarding customers’ networks, and we have adopted a variety of measures to effectively address the challenges of protecting against changing threats and vulnerabilities. 

At Barracuda we leverage Secure Access Service Edge (SASE) solutions to help organizations protect and optimize their entire network infrastructure, and our core network security products — Barracuda SecureEdge and Barracuda CloudGen Firewall — help protect and connect all users and devices, including IoT endpoints.

Our cloud-native SASE platform is equipped with multilayered security and cutting-edge firewall technologies, crafted to safeguard on-premises and multi-cloud deployments against a myriad of network vulnerabilities. It protects our customers’ infrastructure by providing firewall-as-a-service, Zero Trust Network Access, and secure web gateway capabilities, while optimizing their networks and interconnecting sites through powerful secure SD-WAN technology.

Barracuda’s network security solutions enable businesses to control access to data from any device, anytime, anywhere, and allow security inspection and policy enforcement in the cloud, at the branch, or on the device. 

Data protection is a top priority for businesses today. How does Barracuda assist organizations in securing their data assets while ensuring compliance with regulations?

We provide data backup, archiving, and classification solutions to enable organizations to recover from failure, accidental deletion, or threats like ransomware while staying compliant with regulations.  

Barracuda Backup and Cloud-to Cloud Backup solutions provide AES 256-bit encryption of data at rest and in transit, and the data centers where cloud data are stored are ISO and/or SOC II certified. Data is protected from unauthorized access with immutable storage and access controls, and there are multiple copies of customer data securely stored to provide redundancy. Barracuda Cloud safeguards data in such a way as to satisfy compliance requirements such as HIPAA’s Security Rule.

In addition, Barracuda Data Inspector helps organizations spot sensitive data as soon as it appears in OneDrive or SharePoint, making it easier to develop and enforce policies that comply with GDPR, CCPA, and other data privacy regulations.

Could you share some success stories or case studies where Barracuda’s solutions have made a significant impact in enhancing security protection for its clients?

It’s always an honor to share success stories we hear about from our customers. My favorites are the stories from customers who have multiple Barracuda solutions because I love seeing how the relationships have evolved and deepened over time and how we’ve been able to provide solutions to help organizations stay secure across multiple threat vectors.

For example, Mansour Group, which is a regional organization the delivers technology solutions in the industrial, mining, and rail industries, started out by doing a free Email Threat Scan with Barracuda. They were looking into upgrading their email security after getting hit with two consecutive conversation hijacking attacks, and they were impressed to see the threats the scan uncovered that their current solution had missed. After transitioning to Barracuda Email Protection to help address impersonation attacks and phishing attempts, they quickly added Barracuda Cloud-to-Cloud Backup and Barracuda Security Awareness Training. 

Similarly, Geoactive Limited, a Scottish software developer, started their relationship with Barracuda CloudGen Firewall and over time added Barracuda Email Protection, Barracuda XDR, and Barracuda CloudGen Access.

You can find even more fantastic stories like this on our website.

Innovation is key in staying ahead of cyber threats. How does Barracuda drive innovation in its solutions to address emerging challenges and technologies, do you have available opportunities for partnerships in this mission?

Our product teams have been using artificial intelligence and machine learning to help improve the efficacy of our solutions, even before the recent AI boom. For example, new machine learning classifiers were introduced to Barracuda Email Gateway Defense to enhance its detection efficacy. The machine learning capability is trained using labeled datasets and continuously updated with new data to ensure it remains effective and adaptive to evolving threats, and we now block an additional 2.3 million attacks every day with Barracuda Email Gateway Defense.

Barracuda is also in a unique position to leverage the power of our global threat intelligence network based on information from millions of collection points around the world, including deployed Barracuda endpoints from all our different solutions. This allows us to adjust classifiers in real time and provide products with higher efficacy against the latest threats.

Looking forward, what exciting developments or initiatives can we expect from Barracuda , do you have more tips for our readers today?

I can’t give away too much about what’s coming up on our product roadmap, but we have some exciting developments in store, and I’m looking forward to sharing more soon. For organizations that want to improve their cybersecurity posture but aren’t sure where to start, Barracuda offers a number of free, easy-to-use tools such as our Microsoft 365 Email Threat Scan and Barracuda Vulnerability Manager that will help you identify potential security gaps that Barracuda can help you address. 

Comments
To Top

Pin It on Pinterest

Share This