Christian Ferenz, Cubro: "insecure networks are always a prime target of malicious actors"
Every company that carries out operations in the digital space has numerous complex systems to support its workflows. All of these systems are interconnected, meaning that if one's compromised, the entire company network is in danger.
Unfortunately, malicious threat actors are successfully finding vulnerable points in insecure networks and everybody has seen the headlines – breaches happen every day. As a result, many organizations suffer damaging consequences from the attacks, such as financial and reputational losses.
How did the idea of Cubro originate? What has your journey been like?
I used to sell monitoring boxes as a reseller. A customer asked me if I could provide him with a network TAP (Test Access Point) during one of our business meetings. The company already had several monitoring tools but wanted to deploy a network TAP. He explained how it could reduce the company's IT costs.
In those days, there weren't many vendors offering network visibility tools. This was the beginning. I decided to grab that opportunity. Together with three of my colleagues (co-founders of the company), we created a Network TAP that the customer tested and after some changes decided to deploy in the company’s network. Those first TAPs which we made in 2003 are still deployed in the company’s network.
Our sustainable success over the past 19 years is based on our ability to develop innovative solutions that address modern IT challenges. Cubro accomplishes this by designing and manufacturing with specific attention to customer challenges, ensuring that the company is ready to address future demands. It is easy to budget for Cubro products as there are no hidden fees, and they can be easily implemented, expanded, and managed independently or centrally by a single, centralized management system. Cubro prides itself on providing excellent support that helps our customers to make the most out of our solutions for many years to come.
Can you introduce us to your Custos solution? What are the main issues it helps solve?
Custos, developed by Cubro, is an embedded monitoring software option for Cubro’s Omnia product line which addresses the challenges that companies with limited IT resources face. IT staff is frequently overloaded with installation, support, and updating software and systems activities.
The monitoring software helps small and medium-sized businesses to cost-effectively manage and secure their networks more efficiently.
Custos can identify suspicious devices and network activity, malfunctioning hardware, connection issues as well as underperforming services. It advises on methods to remediate identified issues through an organized, easily understood dashboard using plain, non-technical language. Furthermore, it can supplement and complement your IT team by identifying actionable items and potential issues before they become costly problems. Also, it functions as a network sensor to enhance various monitoring and security solutions by passively generating DPI output from network traffic.
In your opinion, what are the most serious threats carried out via insecure networks?
It depends on the network and what it contains. However, insecure networks are always a prime target of malicious actors to add endpoints to a botnet or command and control system. If the network hosts systems that provide services to other systems, like a file server, then it becomes another vector to enable the compromise of further systems. Lastly, IoT systems are of major concern as the industry has been slow to address security problems and embedded systems are particularly difficult to patch for vulnerabilities. Meanwhile, these devices can often control critical functions in a variety of infrastructures creating a high-value target for bad actors.
How did the recent global events affect your field of work?
If anything, Network Visibility and Monitoring solutions have seen an increase in demand. Between this sudden increase, the emergence of remote work, and the seemingly never-ending escalation in security breaches, there is a strong need for comprehensive visibility solutions that enable network and security teams to more quickly analyze network events and take action where necessary.
Share with us, what early signs indicate that there might be something malicious lurking in the company network?
Things like new and/or unusual traffic patterns and protocols could be an early warning sign. Also, endpoints that typically don’t communicate with each other but are suddenly attempting to make connections could be an indicator of lateral movement. Similarly, increased activity at odd business hours could be another sign of potential compromise.
Besides quality network security systems, what other measures do you think should be a part of every modern company?
In terms of technology, network monitoring systems are important to ensure that IT networks are delivering the service required by end-users, and analytics systems are important for ongoing network planning and regulatory compliance. Network visibility solutions, such as those manufactured by Cubro, are essential to ensure that the network security, monitoring, and analytics systems (network tools) can function correctly.
Network Visibility solutions ensure that the network tools receive all of the relevant network traffic that they need to analyze. They also reduce the loading on the network tools so that they operate efficiently while reducing their cost of ownership and maximizing their return on investment as well as removing any single point of failure of the network tools for business continuity. Network Visibility is the plumbing for network tools that allow companies to secure their networks, maintain network performance, and maintain regulatory compliance.
Employee adherence to robust security policies and procedures is vital to complement security technology for a good security posture. Ongoing employee training is necessary to ensure their awareness of current security procedures and how to carry them out.
Although there are more security solutions and providers available than ever before, certain companies and individuals still hesitate to upgrade their IT operations. Why do you think that is the case?
In most cases, I think it is because of the risk involved since IT systems operate to the benefit of the business. So upgrading existing systems is an important decision that can have security posture, business continuity, cost, and risk considerations that can negatively impact the business. To ensure business value is continually delivered, IT upgrades need to be evaluated and planned in detail to reduce the risks associated with change and deliver a successful outcome.
Network security products are rarely deployed in isolation and an upgrade of a security product can cause a malfunction in other connected network security, network infrastructure, or IT devices to reduce overall security posture, reduce network and security service uptime, and incur significant time and expense to resolve.
Once again Network Visibility solutions can help. They reduce the risk of IT operational upgrades by acting as an intermediary between network security tools, network infrastructure devices, and IT devices and by mitigating disparate connection speeds and media. This means that network security devices can be removed from service for upgrade and reinserted without requiring or causing network downtime. Similarly, different speed connection security tools and network or IT devices can be interconnected to allow lower-risk upgrades and technology transitions instead of higher-risk forklift upgrades.
In your opinion, what kind of attacks are we going to see more of in the upcoming years? What can average Internet users do to protect their home networks?
In this increasingly interconnected world, with a growing dependence on technology, I believe that everyone will have to take some responsibility for understanding and practicing security concepts just as we take responsibility for reasonably securing our homes against physical intrusion. I also believe it is the responsibility of those of us who are technology professionals to educate and help those whose focus is on other areas of expertise. Fortunately, for anyone inclined to learn there are many resources available online that will help even complete beginners implement resilient defenses.
Whether it is the pervasive attempts to spread malware or scam the unfortunate to the targeted threats against individuals and organizations there always will be a new crisis for attackers to capitalize on. The motives of an attacker are not always clear, but some common ones are a desire to steal personal information, money, and intellectual property or a desire to undermine, discredit, or embarrass an individual or organization.
Tell us, what’s next for Cubro?
Modern network technologists find it challenging and overwhelming to manage their networks to minimize legal and technical issues, so they must be able to recognize performance issues, abnormal behavior, and data leaks along with being able to prove that they are protecting their networks. Carriers, data centers, defense organizations, and enterprises need to be able to see their data and applications in real-time to secure and manage their growing networks and traffic demands while improving productivity and keeping watch for attacks and leaks.
The key to this success is Total Network Visibility with Line Rate, Real-Time network segmentation capabilities, and focus views. Because of these demands, network technologists should know who Cubro is and understand its capabilities to provide this challenging Total Network Visibility. Cubro’s technology enables today's organizations to respond to these advanced and complex challenges with solutions that not only protect and grow their network technology but also do so over the long term.