With our upcoming webinar asking if encryption is your biggest security threat, we spoke to Dr. Ben Harrison, Global SOC & Security Operations at Cygilant, and Ryan Kalisz, EMEA Business Development Manager for Barac to learn more.
Steve: What don’t people realize about encrypted traffic?
Ryan: Put simply, the scale of it. People understand that encrypted traffic is out there; but they don’t really understand the reality of what we mean when we say it’s everywhere.
Close to 90% of all traffic is encrypted. Encryption is designed to secure data, of course, but it’s very easy to disguise malware and attacks in encrypted traffic. Some estimates put the amount of traffic incorporating malware to be close to 60% of all network traffic.
Ben: In 5 years, there will be no more differentiation. It will all be encrypted traffic. Soon firewalls will stop everything that isn’t encrypted. Unencrypted traffic will be rare, if it exists at all.
Ryan: There are lots of differences in types of encryption. The overall complexity is increasing – making it more and more difficult for traditional security technologies to detect potential problems in network traffic.
There is a strong need to look directly at all the traffic coming into and exiting your network. Visibility into encrypted traffic, without violating privacy regulations, is a must.
Steve: What’s the best excuse you’ve ever heard for not taking the proper security measures?
Ben: There is no good excuse – period. It is relatively easy to keep up with security measures and protections. You don’t need a huge overhaul of your systems to do so, nor do you need to do a great deal to remain compliant.
Ryan: One of the most popular reasons you hear for disabling security is that “it will stop production from happening.” This is a problem – security cannot be thought of as an afterthought. To be successful, security needs to be incorporated from the very beginning. It should simply be part of the development process.
Steve: How should a company get started securing their networks?
Ryan: It is critical that companies get security measures implemented correctly. A mistake here or a misconfiguration there can spell doom.
Some of the questions you should ask yourself include:
- Is there support available? Is it 24/7/365 support?
- Are the products/services I’m using to secure my network good? Do they stand by their product and their customers?
- Do I understand how to use the technology? Are my vendors/partners there to help me?
- Do my products/services work together well?
Ben: The most important things to ask yourself at the beginning are:
- “What’s the purpose of my security?”
- “What is it I’m trying to protect?”
- “Why is my organization a target for cybercriminals?”
- “Do I have valuable information a hacker would want?”
Security protections need to be thought of as an onion. You need layers to protect your organization. If one layer is pulled back and fails, what is left to pick up the remaining issues? There is no one ultimate security solution or product that will solve all of your security needs.
Steve: What is the biggest mistake companies make when securing their networks?
Ryan: The biggest mistake is underestimating cybercriminals. You can’t just wave your arms in the air, say you don’t have budget for it, and walk away from it.
If you don’t invest in security, you’ll be spending the money you could have spent in prevention plus even more to clean up the issues caused from a breach or ransomware.
There’s fixing the security issues after the fact, making sure your network is clear and safe to use again, informing customers or constituents of a breach, paying for credit reports for those affected, and rebuilding your reputation.
Recent studies have even shown how aware customers are of these breaches – even if it didn’t affect them. Something like 80% of customers have said they’d avoid a site if they knew it had been breached. Investing or not investing in security protections could be the difference between your business surviving or not.
Ben: Frustration is the biggest mistake. People get frustrated that there are still attacks despite their investments.
What companies need to remember is that security is never done – it’s a continual process. The attack surface, the methods, the protections – everything is constantly changing and evolving. If you don’t stay up to date with the attackers, then you’re putting your entire business at risk.
Learn more about securing your network and the need to understand what’s in your encrypted traffic by attending our webinar on Thursday, March 26, 2020 at 11:00 a.m. EST.