Andrew Kahl, BackBox: “downtime recovery preparedness is a measure of network health that is often overlooked”

Maintaining network security tasks manually is no cakewalk. Human errors become almost a daily occurrence, which inevitably ends in data breaches.

That's where network automation management solutions come in handy. By using them, you are just one click away from ensuring network health, guaranteeing high availability resilience, and achieving business continuity.

To find out more about common misconceptions regarding network automation products, how to detect compromised network health, and what attacks could be expected in the upcoming years, Cybernews contacted Andrew Kahl, CEO of BackBox – a market leader in network automation, security, and management solutions.

Tell us more about your story. How did BackBox evolve into what it is today?

BackBox was founded in 2009 by Rafi Zvi, Roy Horev, and Arik Elias. For over 10 years, enterprises have relied on BackBox for its superior automated backup and recovery solution. We have continued to innovate and respond to our customer’s needs, including adding dynamic discovery and detailed inventory of the software and hardware configurations of all devices across the network.

We have also introduced task automation which has freed up network engineers’ time and energy so they can focus on strategic projects such as traffic shaping, network design and planning, and hybrid cloud network security.

Can you introduce us to your network automation products? What are their key features?

BackBox assists companies in automating and streamlining complex network tasks, ultimately giving organizations the ability to do more with fewer resources. Instead of relying on manual processes or scattered functions across an array of platforms, BackBox enables a more secure and resilient posture by automating all routine tasks into a single, easy-to-use system.

Time and time again, we see companies of all sizes fall victim to cyberattacks, data breaches, network outages, and other disruptions to routine processes due to human error and disorganized IT processes. With BackBox, customers are able to gain full visibility into their networks through a single management platform that controls and automates IT processes in their entirety, without the chance of human error.

What are the early signs of compromised network health that if overlooked, can lead to serious problems?

One of the most common causes of compromised network health is the neglect of critical but repetitive administrative tasks, like upgrading operating systems and applying patches. Cybersecurity is about concentric rings of perimeter security: each firewall, router, switch, and endpoint create their own perimeters for their own parts of the network.

As the security posture of any part of this ecosystem degrades, the posture of the entire system degrades, so keeping everything up to date is key. However, the scale and complexity of today’s networks make this a task with no end, so it often gets pushed to the bottom of the list in favor of more urgent work. If you haven’t automated the continuous improvement of the health, performance, and compliance of your network, it is at risk of being compromised.

A measure of network health that is often overlooked is how prepared the network and netops team are to recover from unplanned downtime. In order to be properly prepared in the event of a cyberattack or other outage, organizations need to have a documented, specific, and regularly reviewed strategy for backup and for rapidly restoring the network to the desired state. The strategy should include housing a complete IT inventory, outlining specific responsibilities, exercising alternative communication methods, and a means by which any member of the team can validate the results.

Finally, most organizations employ a combination of internal policies and industry or government regulations to ensure that the network is configured for security, performance, and privacy. However, if you aren’t routinely scanning the entire network to ensure each and every configuration is compliant, and quickly (automatically, if possible) remediating any deviations from policy, you will quickly fall out of compliance and introduce significant risk.

How do you think the recent global events affected the cybersecurity industry?

The COVID-19 pandemic created an overnight shift in company operations and distribution of work, with many companies still operating in remote or hybrid settings across multiple geographic regions.

This distribution of work environments, combined with a wide variety of vendors represented in companies’ IT infrastructure, has made network management that much more complex and challenging, leading to a greater risk of misconfigurations or other incidents that can lead to outages or cyberattacks.

This complexity calls for solutions like BackBox that make it easy for anyone in the company, no matter where they are located, to automate network management tasks as well as restore the network with a single click in case of an outage.

What are the most common misconceptions people tend to have regarding network automation?

The most common misconception of network automation is that it falls into one of two extremes – either a piecemeal approach that still requires a significant amount of manual labor and scripting in order to automate highly specific tasks or a complete end-to-end approach to network automation which requires an overhaul of your IT environment, with no middle ground.

Besides quality network security systems, what other measures do you think should be a part of every modern company?

Not enough attention is given to consistency and uniformity in network security and operations. Network engineers are intelligent and generally capable of quickly and directly solving any challenges that arise.

Unfortunately, this can lead to critical information being siloed with individuals or small groups. If the network as a whole becomes too dependent on the skill sets of a handful of individuals, simple and inevitable events like employee turnover and time off suddenly become a significant source of risk.

Standardization of operations and uniformity in task execution are imperative to the stability of the network, and so is having a “single source of truth” for network inventory and configuration information.

In your opinion, what kind of attacks are we going to see more of in the upcoming years?

In the coming years, we will continue to see threat actors exploit critical vulnerabilities more and more. In fact, 27% of organizations said they had suffered a data breach as the result of an unpatched vulnerability.

Staying on top of patch management to address vulnerabilities and knowing which patches to prioritize is a notoriously tedious task for IT teams. Network automation solutions can automate software updates and patch management to create a sound network and security operations strategy.

What other company processes do you hope to see automated in the near future?

We envision a future where the complete lifecycle of devices in the network is automated, starting from onboarding a new device to integrating it entirely with a network. The devices and policy management solutions that our company offers make it easy to change network configuration across vendors, signaling the future of a self-sustained network.

A lot of network teams find themselves wondering why they still need to execute many repetitive tasks manually today, but see the bright future of automation ahead.

And finally, would you like to share what’s next for BackBox?

In the last year, BackBox saw a 40% growth in recurring revenue, a 20% growth in bookings including new customers in the energy, financial, and entertainment sectors across the U.S. and Europe, and greater than 95% customer retention. We’ve also recently opened new global headquarters in Dallas, Texas which will support our expansion plans in North America.

On the heels of our recent funding, BackBox is in an accelerated growth period, and we are aggressively adding talent. We’re working on continuing to enhance our network vulnerability detection and remediation functionality, and we plan to expand our cloud automation and SaaS capabilities in the near future.