Fifteen years of holding the cyber-fort

This winter marks 15 years since six people huddled together in a small office in Los Altos as the beginnings of the Barracuda you know today. In this decade and a half, we’ve witnessed the highs, the lows, and many, many changes the cybersecurity landscape has faced - and there’s no sign of it settling down any time soon.

President Roosevelt coined a wise line: the more one knows about the past, the better prepared they are for the future. I couldn’t agree more, which is why in order to stay at the innovative edge of cybersecurity, we’ve made it our business to remember what’s come before it.

We know better than most how rapidly this entire industry can shift, which is why we recently surveyed over 1,500 IT leaders and security professionals globally on how their security priorities have morphed in recent times, and what they believe their future holds.  

IPO

The story so far

We’ve come on leaps and bounds since 2003, with the Internet being fully realised in every aspect of society. Online shopping has replaced the humble shop window to become the new trading platform between businesses and customers. As the world has become more reliant on the web, its vaults and riches have become the target of increasingly intelligent and mobilised cybercriminals, attracted by both the reward and the anonymity the web offers.  

Of course these criminals aren’t stealing money like traditional bank robbers, at least not directly. These days, many cybercriminals and syndicates target valuable information and customer data that can be sold on to the highest bidder or held hostage for a costly ransom. While their motivations haven’t changed in this time, their tools for doing so have matured; of these tools, respondents stated ransomware (24%) and phishing attacks (21%) as their biggest security concerns, compared to viruses (26%) and spam and worms (18%) which topped the list back in 2003. It’s clear then that the threat landscape has changed considerably in this time, keeping security professionals the world over on their feet.

When asked to identify their top security priorities in both 2003 and 2018, our respondents named email and networks as their chief concerns in both surveys. 25% and 23% of respondents expressed that email was their top security priority in 2018 and 2003, while network security came in at a marginal second place on both surveys, with 24% and 22% opting for it as their chief concern in 2003 and 2018 respectively.

This all changes when we asked our IT professionals to look to the future. While email and network security may currently be a higher concern than cloud security for most of our respondents, a quarter (25%) believe the cloud will become their number one security concern in 15 years time. Leapfrogging the security concerns of today, cloud security overtook email, network, and data security by a significant margin, with each being selected by just 14% of respondents. Compared to 2003 (3%) and 2018 (14%), it’s clear that IT professionals are anxiously anticipating fully realised cloud computing.

(Image credit: Image Credit: Everything Possible / Shutterstock)

As the cloud has gained traction over the past 15 years, it’s clear that its place on IT teams’ list of worries has raised in accordance. The worldwide adoption of cloud, mobile and app-based services since 2003 has revolutionised business, driving productivity, flexibility, agility and innovation at an exponential rate. But don’t take my word for it; just ask Jeff Bezos. In the last 15 years, Amazon Web Services has leapt from the drawing board to one of the world’s leading cloud computing platforms, used by 88% of organisations in the UK alone.  

Of course our respondents were right, and the emergence of the cloud hasn’t come without its fair share of problems, complexities, and new avenues for cybercriminals to wreak havoc. As groundbreaking as it’s been for businesses, the cloud also empowers hackers with immediate, highly scalable computer power to host malware, run botnets and more. It’s no wonder cloud security is beginning to become the leading concern in IT leaders; with more data than ever house in the cloud, businesses are increasingly at the mercy of their attackers when they’re separated from it.

That’s not all they’re concerned about. Artificial Intelligence (AI) is also at the forefront of IT professionals’ minds, as both a way to improve security and as a potential threat. Almost a third (31%) of participants highlighted AI as the number one technology they plan to rely on to improve their future security, while 43% predict the increasing use of AI, coupled with machine learning, as the development that will have the largest impact on cybersecurity in the future. Contrastingly, 41% fear weaponized AI will be the most dangerous tool at future hacker’s disposal, able to convincingly synthesize the voice, image, or video of any given target, leaving many of the security measures of today in the dust.

The times they are a changin'

My magic eightball and I can’t predict the future, but we can hazard a pretty good guess by looking at our past. Technology is dominating every aspect of our lives and shows no signs of stopping. If we wish to continue coexisting with this new digital world, security will have to evolve at a matching pace - there’s too much at stake for that not to be the case.

Cybercrime is already costing the global economy a cool $1.5 trillion each year, whether it’s committed by crime syndicates, nation-states or lone rangers. Understandable, then, why modern CSOs are under such immense pressure; they are overwhelmed by the amount of tools on offer, in the knowledge that they simply cannot make their organisation impenetrable - all whilst witnessing the many, many breaches circulating the weekly headlines.

It’s a lot for one shoulder to take, which is why I believe it is up to boards to understand the importance of effective security as well as advancing digital transformation efforts, ensuring the two go hand in hand and are supported and funded as they should be.  

Afterall, trillions of lost dollars are one thing, but potential physical cyber attacks are another beast entirely. The Internet of Things (IoT) has with it brought far more dangerous physical threats, such as hijacked autonomous vehicles or drone brigades. As cyber criminals evolve and adapt, so too must the IT security teams of the world.

BJ Jenkins, CEO of Barracuda Networks

BJ Jenkins
BJ joined Barracuda Networks in November 2012 and has presided over many landmark moments in its history. His leadership was integral to the company’s IPO on the New York Stock Exchange, as well as the strategic acquisitions of SignNow, Intronis, Sonian and PhishLine. Under the ownership of private equity investment firm Thoma Bravo, LLC, his vision continues to inspire the business in its ambition to be a trusted and continuous partner in organizations journey to defend against cyber attacks.