Barracuda Networks is adding forensics and incident management capabilities at no additional cost to the suite of software that it provides to secure emails.
Asaf Cidon, vice president of content security for Barracuda, said cybersecurity professionals waste an inordinate amount of time manually responding to security incidents. By including forensics and incident management capabilities in the Barracuda Total Email Protection, the time spent investigating email threats can be reduced sharply.
The forensics and incident response capabilities included in Barracuda Total Email Protection can be employed to identify anomalies in email faster, as well as issue alerts to end users, determine who in the organization may have already clicked on a link and remove emails directly from inboxes. Cybersecurity professionals also can automatically block any additional emails being sent from a specific email address.
Barracuda Total Email Protection bundles a core email security gateway with Barracuda Sentinel, a service that leverage machine learning algorithms to identify email anomalies, and Barracuda Phishline, a platform for training end users by simulating phishing attacks.
Going forward, Cidon said the incident management framework now embedded in the Barracuda email protection platform will be extended via application programming interfaces (API) to include integration with a wide range of other security technologies, including network firewalls.
Cidon noted that very few organizations have a dedicated framework in place for automating security incident management mainly because they can’t afford to deploy and master a separate platform. By making forensics and incident management capabilities a core element of the Barracuda Total Email Protection suite, it should become feasible for many more organizations to apply automation to cybersecurity, he said.
Additional automation is especially critical when it comes to email security, Cidon added, because most cybersecurity attacks that organizations contend with still arrive via email, usually as part of a phishing attack that attempts to fool end users into either downloading an attachment or clicking on a link that takes them to a web domain loaded with malware.
The most frustrating thing about a phishing attack is that, if successful, it enables cybercriminals to essentially bypass all the existing cybersecurity defenses an organization may have in place because the end user directly downloads a piece of malware on their system. Training end users to recognize phishing attacks can go a long way toward reducing the number of email security incidents. But there always will be some portion of the end user population that is tricked into downloading malware, especially as phishing attacks become more sophisticated. Cybercriminals are becoming more adept at employing social engineering techniques in ways that make the emails they send appear to be legitimate, even to the most observant of end users.
Given the chronic shortage of cybersecurity professionals, it’s all but inevitable cybersecurity teams will be relying more on automation to combat myriads threats. The only real issue is determining what the true cost of the IT security automation framework employed to achieve that goal will be.