Barracuda also related their latest Threat Spotlight, which found that account takeover incidents, which are addressed by the Barracuda Sentinel solution that is part of the bundle, are increasing in frequency.
Barracuda Networks has announced that all three of their email security protection products will now be available in a single SKU, which they are terming the Barracuda Total Email Protection bundle. It includes their Barracuda Essentials offering – itself an earlier bundle – and two offerings added since Barracuda Essentials was created. Barracuda Sentinel, designed to combat spear phishing, was introduced a little over a year ago, while Barracuda PhishLine is a product of Barracuda’s acquisition of PhishLine earlier this year.
“The new bundle brings three products together, but it could really be looked at as five separate products, since Barracuda Essentials has backup and archiving capabilities,” said Asaf Cidon, Vice President, E-mail Security, at Barracuda.
For partners, the single bundle has multiple and obvious advantages.
“It’s a single SKU, with lower friction, and a faster sales cycle, especially if the customer is migrating from on-prem to cloud,” Cidon said. “The message is more complete, with different layers of security in one story.”
Customers are already responding well to all three products independently.
“Essentials is a two-old bundle, and as the most mature product, has the biggest sales,” Cidon indicated. “However, while Sentinel is a year old, it is one of the fastest growing products in the history of Barracuda. PhishLine is more recent but in its short timeframe we have seen sales pick up pretty significantly. Customers have already been purchasing more than one, and their growth fed on each other. It’s much more natural to include them as one SKU.”
Barracuda is offering a discount on the bundle which Cidon described as significant.
“We are in a bit of a bit of a unique position, and we have the most comprehensive solution on the market, and can pass on savings to the customer and partner,” he indicated.
Cidon said that the announcement had relevancy to Barracuda’s newest Threat Spotlight, also being announced today, that found that account takeover incidents are increasing in frequency and magnitude.
“We did a longitudinal study, where we looked at 50 companies over three months, and had them report account takeover incidents,” he stated. “These are an attack where the attacker steals the credentials of an employee – and can then log in and send emails from their account. We found that these attacks are frequent, and affected a large number of customers. Over three months we had 60 total incidents – and that’s where the incident was successful, and where it was reported to us. Others may not have been reported, or detected.” Success was defined as when an email was compromised and at least one malicious email sent. Some employees were compromised multiple times.”
Most of these were phishing attacks.
“We found about 80 per cent were phishing in terms of what they sent from the compromised account,” Cidon noted. “The majority were also sent internally – to steal more credentials. 17 per cent were used to launch spam – especially from high-reputation sites. A smaller percentage involved attachments trying to infect with malware.”
The study also looked at the type of employee affected.
“We thought that executives might be targeted, but only 6 per cent were execs,” Cideon indicated. “It’s not just high levels. We also analyzed the departments affected. There was a clear bias to targeting more sensitive departments.
The conclusion was that companies need to be worried about these attacks across the board.
“We have a comprehensive solution for account takeover,” Cidon said. “Barracuda Sentinel uses AI to automatically detect these accounts – and can retroactively clean up the accounts.” It’s also something they plan to make bigger and better as time goes on.
“The PhishLine training solution is also very pertinent here,” Cidon indicated.