Page 21 - Cyber Warnings
P. 21
Encryption offers a useful cover for cyber criminals. But, it’s startling clear that most IT and
security professionals don’t realize how these blind spots can impact the security technologies
they depend on. Organizations need proper visibility into their encryption program. Without this
understanding, many of their security solutions are useless against the increasing number of
attacks hiding in encrypted traffic.
In addition, it’s clear that many security professionals are overconfident in their ability to quickly
remediate a cyber attack hidden in their encrypted traffic, despite only inspecting and decrypting
a small percentage of their internal traffic. According to the 2017 Mandiant M-Trends report, the
average time it takes to detect a cyber attack is 99 days.
Unfortunately, the problem is that attackers lurking in encrypted traffic make quick responses
even more difficult. This is especially true for organizations without mature inbound, cross-
network, and outbound inspection programs. This bullishness makes it very clear that most
security professionals don’t have the right strategies necessary to protect against malicious
encrypted traffic.
Security professionals must understand that encryption, like all security solutions, is not a silver
bullet. Additional tools and protocols are needed to effectively utilize encryption and protect their
organization’s traffic, including solutions that offer consistent identification, remediation and
protection. Security professionals must inspect and decrypt their traffic on a regular basis in
order to catch malicious actors before they take advantage of encrypted systems.
Sadly, most security programs were developed before encrypted TLS/SSL contributed the
majority of an organizations network traffic. However, integrating security with machine identity
protection is a huge leap forward in the effective inspection of encrypted traffic. Combined with
automation, organizations can streamline the entire process of encryption monitoring.
Encryption is a fundamental security tool, but it can carry unique risks. With proper machine
identity protection, you can utilize encryption without exposing your organization sensitive
corporate data and IP from malicious actors.
About the Author
Tim Bedard is responsible for digital trust analytics at Venafi. With more than
twenty years of IT security and strategy experience, Tim successfully launched
SailPoint Technologies cloud-based identity and access management offering with
responsibilities for strategic planning to execution of all services. Previously, he
has held leadership positions in product strategy, management and marketing at
RSA Security and CA Technologies. Tim is active security evangelist at industry
leading tradeshows and events.
21 Cyber Warnings E-Magazine – May 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
