How well can your company defend itself? In a survey released today from Venafi, a provider of protection for machine identities, the results of over 1540 information security professionals on their organisations’ capability to defend against threats hiding in encrypted communications was revealed.
Encryption is critical to the world’s digital economy because of the fundamental role it plays in protecting data privacy.
However, as the use of encryption explodes, cyber criminals are finding ways to hide attacks inside encrypted traffic; a recent study from A10 Networks found that 41% of cyber attacks used encryption to evade detection. And Gartner estimates that 50% of all network attacks will use this method this year, so it’s a clear issue that needs to be addressed.
>See also: Encryption – what does it mean?
According to the Venafi survey, nearly a quarter of the respondents (23%) have no idea how much of their encrypted traffic is decrypted and inspected.
“Encryption offers the perfect cover for cyber criminals,” said Kevin Bocek, chief security strategist for Venafi. “It’s alarming that almost one out of four security professionals doesn’t know if his or her organisation is looking for threats hiding in encrypted traffic. It’s clear that most IT and security professionals don’t realise the security technologies they depend on to protect their business are useless against the increasing number of attacks hiding in encrypted traffic.”
The report suggested that the average time it takes to detect a cyber attack is 99 days, but 41% of respondents to the Venafi survey believed they could detect and respond to a cyber attack hidden in encrypted traffic within one week, while an additional 20% believed they could detect and respond to a cyber attack within one day.
A surprising number of respondents (41%) say they encrypt at least 70% of their internal network traffic, while almost one fifth (19%) of the respondents said they decrypt and inspect all of their encrypted traffic.
“Although the vast majority of the respondents inspect and decrypt a small percentage of their internal encrypted traffic, they still believe they can quickly remediate a cyber attack hidden in encrypted traffic,” Bocek continued.
“The problem is that attackers lurking in encrypted traffic make quick responses even more difficult. This is especially true for organisations without mature inbound, cross-network, and outbound inspection programs. This overconfidence makes it very clear that most security professionals don’t have the strategies necessary to protect against malicious encrypted traffic.”