Encryption is growing at a steady rate. According to a report issued by Sandvine, the percentage of web traffic that’s encrypted will increase 40% over the next 12 months. Unfortunately, there is a corresponding increase in the number of threats that hide in encryption. A recent study, published by the Ponemon Institute and A10 Networks, explores the challenges enterprises face in detecting attacks in encrypted traffic.
Malware hidden inside encrypted traffic is a serious risk
The Ponemon/A10 study revealed that 81% of organizations have been victims of a cyber-attack or malicious insider during the past year. And 41% of those say attackers used encryption to evade detection and steal data. 51% of the organizations surveyed expect network attackers to increase their use of encryption over the coming year.
Here’s the challenge: most security tools cannot inspect encrypted traffic. That’s a problem for solutions like malware detection and intrusion prevention that are designed to secure data and networks across the enterprise. When encrypted data isn’t inspected, these solutions are limited in their ability to protect against attacks
Without proper controls, the problem will only get worse
As encryption continues to grow, more endpoints, network devices, optimization appliances, and security solutions will need to process, relay, and inspect data. And more of these devices and applications will require access to SSL/TLS certificates to process that encrypted data.
Organizations will need scalable solutions to protect these certificates and their associated encryption keys to orchestrate and control this tsumani of encryption assets.
However, 56% of IT security professionals still manage their keys and certificates manually. This model is simply not sustainable. What organizations need is an orchestration platform that can secure and protect keys and certificates across the enterprise. Only then will organizations know how many certificates they have, where they are, and know they can confidently scale their encryption environment as fast as needed.
Simplified integration improves security and network optimization
The new Venafi Adaptable Application Driver makes it faster and easier to integrate any application or network device with our proven Trust Protection Platform. With automated protection for applications across their environment, organizations can finally bring order to key and certificate chaos. Not only will they have full visibility and control over all keys and certificates, their forensic security solutions and network infrastructure will also be able to operate more effectively and securely.
Venafi has a long history of interoperability and an extensive partner community to support even the most diverse customer environments. And now we’ve made it even easier to bring real-time protection of certificates to any application that needs it.
How prepared is your organization to support all the certificates for the myriad applications and devices in your environment?