1. Better Security Requires Greater Access to Threat Intelligence
Better security starts with better information about threats. But what exactly does this mean, and how can businesses get it?
“Threat intelligence is about the signals and information that you collect from various tools,” says Fleming Shi, CTO at Barracuda Networks. “Based on those signals, you can have correlated information that allows you to drive your response.” He points to familiar phishing attacks. “Threat intelligence helps businesses determine the intent of phishing efforts, why your company was targeted and the overall risk involved.”
Solutions such as Barracuda’s Advanced Threat Protection can help companies pinpoint potential threats and take action before a compromise occurs. “Since 2004, we’ve made sure that our products are data-driven,” says Shi. “It’s about bringing the signals, creating the information and stopping the threats. With our new threat intelligence microservices, we can capture threat intelligence signals across more than 300,000 organizations and make this data available to all customers.”
2. Improving Overall Security With Cloud-Based Defenses
It’s also critical for companies to implement cloud-based defenses capable of handling threats at scale.
Shi notes that these defenses are different than those used for on-premises networks. Consider firewalls. “Most of what businesses built was connecting perimeters, but a cloud-based next-generation firewall is perimeterless because you have central hubs that connect workloads across the cloud and along the edge of your network,” he says.
As a result, companies need firewall solutions that go beyond whitelisting and blacklisting to ensure inter-cloud connections are secure. The Barracuda CloudGen Firewall provides frictionless, cloud-hosted advanced threat protection to help detect and block advanced threats, including zero-day and ransomware attacks.
He also highlights the dynamic nature of these firewalls. “What we see in the future is going beyond just IP-based solutions to give companies the ability to control flows and change routes, while on the edge we see an evolution of zero-trust network architecture,” says Shi. “The difference is that we’re taking away the network, since the need for zero-trust access is everywhere.”
Shi also recommends the use of strong web application filters capable of preventing attacks on software applications by limiting the risk of lateral movement, along with the adoption of security posture management to help reduce the blast radius if services are compromised.