In a recent interaction with CSO Forum, Parag Khurana, Country Manager, India at Barracuda Networks, shared valuable insights into the evolving cybersecurity landscape and the industry’s key challenges.
Country Manager, India
Barracuda Networks
As cyber threats grow more sophisticated and attack surfaces expand, organizations face unprecedented challenges in securing their digital assets. In a recent interaction with CSO Forum, Parag Khurana, Country Manager, India at Barracuda Networks, shares critical insights into the evolving cybersecurity landscape, highlighting how AI-driven attacks and as-a-service attack platforms will reshape threat dynamics over the next few years. While traditional security measures remain essential, the focus is shifting toward cyber resilience – the ability to quickly detect, contain, and neutralize incidents. Parag said that success in 2025 will depend on organizations adopting proactive, integrated approaches to security, leveraging AI-powered solutions, and addressing the growing complexity of multi-cloud environments while navigating a persistent cybersecurity talent shortage.
CSOForum: How do you see the cybersecurity landscape evolving over the next 3–5 years?
Parag Khurana: Over the next few years, cybersecurity will need to adapt to an increasingly complex threat landscape. Attackers will use their targets’ expanding digital attack surfaces and leverage widely available AI tools to target organizations with multi-stage and multi-level attacks. The proliferation of as-a-service attack platforms developed and maintained by gangs with the skills and resources to create sophisticated and evasive tools and templates will grow. And as security technologies continue to become more advanced, attacks will become faster.
Organizations must adopt a more proactive, integrated, and extended approach to cybersecurity. They will need to focus not just on threat prevention but also on threat detection and response. As attacks become more sophisticated, the chances are higher that one will get past more traditional defenses. Cyber resilience—detecting, containing, and neutralizing incidents–should be a key component of security strategies.
CSOForum: What are the most significant security threats enterprises should prepare for in 2025 and beyond?
Parag Khurana: Organizations need to prepare for increasingly innovative and evasive cyber threats in 2025. Attackers will look for and leverage any unprotected devices or open access points. Social engineering will become increasingly hard to detect as attackers leverage AI tools. Supply chain vulnerabilities will remain a significant risk as attackers exploit weaknesses in third-party vendors and cloud services, while zero-day exploits will target undiscovered software flaws.
Organizational factors, such as growing IT complexity and a scarcity of professional cybersecurity skills, will make cybersecurity a significant challenge for reduced-constrained organizations.
It is also important to remember that the most significant security threats are not necessarily the most advanced. They include inadequate authentication measures for account logins, poor password policies, a lack of education about social engineering, under-protected VPNs, and the poorly managed use of remote desktop protocols.
CSOForum: How should organizations adapt their security strategies to the increasing sophistication of AI-driven cyber threats?
Parag Khurana: Organizations should integrate AI and machine learning (ML) into their cybersecurity strategies to enhance and automate threat detection, response, and remediation. Investing in AI-powered threat intelligence, behavior-based anomaly detection, and continuous authentication can help detect and mitigate attacks before they escalate.
CSOForum: How is AI/ML transforming threat detection and incident response?
Parag Khurana: AI/ML transforms threat detection and incident response by enabling proactive, AI-driven security that adapts to evolving threats across multi-cloud and hybrid environments. It enhances cybersecurity by identifying anomalies in real-time through behavioral analytics, reducing false positives to help security teams focus on genuine threats, automating incident response for faster containment, and predicting potential attacks based on historical data.
CSOForum: What sets your security solutions apart from competitors in the cybersecurity space?
Parag Khurana: Our security solutions are innovative, advanced, and easy to buy, deploy, and use. This makes them ideal for organizations with limited resources to invest in cybersecurity. We provide AI-driven threat protection across email, networks, applications, and data, with a comprehensive approach that includes secure backup, Managed XDR, and cloud-native security for hybrid and multi-cloud environments. With integrated threat detection, Barracuda helps organizations reduce attack response times from hours to minutes while comprehensive backup and recovery ensure business continuity. Additionally, industry-leading support and API security measures help mitigate risks without disrupting operations, enabling organizations to stay resilient against emerging threats.
CSOForum: How do global regulations like GDPR, CCPA, and India’s Digital Personal Data Protection Act impact enterprise security strategies?
Parag Khurana: Global regulations like GDPR, CCPA, and India’s Digital Personal Data Protection Act (DPDPA) are reshaping organizational security strategies by emphasizing data protection, breach notification, and user privacy. Organizations must implement strong encryption, access controls, and data loss prevention to safeguard sensitive data, while secure backup and incident response plans are essential for compliance and resilience.
The new 2025 DPDP Rules further require businesses to proactively mitigate cybersecurity risks by adopting strong access and authentication principles, multi-layered defense strategies, and proactive threat hunting to detect and respond to unauthorized access quickly.
CSOForum: What are the top three technology investments CISOs should prioritize in the next two years?
Parag Khurana: Attackers will exploit every security gap to further attacks and leverage increasingly advanced and evasive tools and techniques. Over the next two years, CISOs should prioritize investments in extended, comprehensive security platforms such as XDR, ideally underpinned by threat intelligence to detect emerging threats and a 24/7 human security operations center (SOC) to monitor and respond to threats.
A comprehensive XDR solution that integrates network, endpoint, server, cloud, and email security means that every corner of the digital infrastructure is monitored and protected with advanced security measures and a full spectrum of defensive tools combined with proactive threat-hunting and response strategies. This allows for swift action and minimizes the window of opportunity for threat actors.
While cyber resilience and risk management are the key concepts for future cybersecurity, it is essential to remember that advanced threat prevention, email protection, and security awareness training remain as critical as ever.
CSOForum: What role will quantum computing play in cybersecurity, and how should organizations prepare?
Parag Khurana: Quantum computing presents a long-term challenge to cybersecurity, as its advanced algorithms could eventually break current encryption standards based on integer factorization and discrete logarithms. While large-scale quantum threats may still be years away, organizations with the means to do so are likely to start preparing by exploring post-quantum cryptography, strengthening key management strategies, and working with cybersecurity vendors to develop quantum-resistant solutions. While quantum computing may not pose an immediate risk in 2025, its potential impact on encryption and data security makes it a critical area to monitor and prepare for in the coming years.
CSOForum: How can organizations bridge the cybersecurity talent gap and reduce workforce burnout?
Parag Khurana: Organizations can bridge the cybersecurity talent gap and reduce workforce burnout by leveraging AI-powered security automation to handle routine tasks, minimizing manual workload, and improving efficiency. Solutions such as Managed XDR extend security expertise, providing 24/7 threat monitoring and response without overburdening in-house teams.
Investing in continuous training and upskilling programs ensures employees stay ahead of evolving threats, while user-friendly security solutions help streamline operations and reduce alert fatigue. By integrating these strategies, organizations can enhance security posture while supporting their teams with practical tools, automation, and ongoing education.
CSOForum: What would it be if you had to give one piece of advice to CISOs preparing for 2025 and beyond?
Parag Khurana: For CISOs preparing for 2025 and beyond, the key is to adopt a resilient mindset, focusing on multi-layered defenses beyond prevention to ensure rapid detection and response. This includes Managed XDR for proactive threat mitigation, continuous cybersecurity training to keep teams prepared for evolving threats, and comprehensive asset inventories to maintain complete visibility and control over the attack surface. By prioritizing resilience, CISOs can strengthen their organization’s ability to withstand, adapt to, and recover from cyber threats in an increasingly complex landscape.
CSOForum: With Barracuda’s focus on cloud security, how do you see the role of multi-cloud environments in shaping the future of cybersecurity, and what unique challenges do businesses face in securing these environments?
Parag Khurana: Multi-cloud environments are shaping the future of cybersecurity by offering greater flexibility and scalability, but they also introduce visibility gaps, misconfigurations, and data fragmentation that can increase security risks. Managing security across multiple cloud providers is complex, and misconfigurations remain a leading cause of cloud breaches, making consistent policy enforcement critical. As businesses expand their cloud strategies, securing these environments is essential for resilience against modern cyber threats.
With a commitment to innovation, we are enhancing its AI and machine learning platform for advanced threat detection and automated response. Additionally, the Barracuda Partner Success Program continues to expand, offering resources, incentives, and certifications to help partners deliver more substantial security outcomes in the evolving multi-cloud landscape.
