|[April 05, 2017]
Venafi Survey: 23% of Security Professionals Don't Know How Their Organization is Addressing Threats Hiding in Encryption
Venafi®, the leading provider of protection for machine identities,
today announced the results of a survey of over 1540 information
security professionals on their organizations' capability to defend
against threats hiding in encrypted communications. According to the
survey, nearly a quarter of the respondents (23 percent) have no idea
how much of their encrypted traffic is decrypted and inspected.
"Encryption offers the perfect cover for cyber criminals," said Kevin
Bocek, chief security strategist for Venafi. "It's alarming that almost
one out of four security professionals doesn't know if his or her
organization is looking for threats hiding in encrypted traffic. It's
clear that most IT and security professionals don't realize the security
technologies they depend on to protect their business are useless
against the increasing number of attacks hiding in encrypted traffic."
Key survey findings include:
According to the 2017
Mandiant M-Trends report, the average time it takes to detect a
cyber attack is 99 days, but 41 percent of respondents to the Venafi
survey believe they can detect and respond to a cyber attack hidden in
encrypted traffic within one week. Additionally, 20 percent believe
they can detect and respond to a cyber attack within one day.
A surprising number of respondents (41 percent) say they encrypt at
least 70 percent of their internal network traffic; 57 percent
say they encrypt 70 percent or more of their external web
Almost one fifth (19 percent) of the respondents said they decrypt and
inspect all of their encrypted traffic.
Encryption is critical to the world's digital economy because of the
fundamental role it plays in protecting data privacy. However, as the
explodes, cyber criminals are finding ways to hide attacks inside
encrypted traffic; a recent study from A10 Networks (News - Alert) found that�41
percent of cyber attacks used encryption to evade detection.
"Although the vast majority of the respondents inspect and decrypt a
small percentage of their internal encrypted traffic, they still believe
they can quickly remediate a cyber attack hidden in encrypted traffic,"
Bocek continued. "The problem is that attackers lurking in encrypted
traffic make quick responses even more difficult. This is especially
true for organizations without mature inbound, cross-network, and
outbound inspection programs. This overconfidence makes it very clear
that most security professionals don't have the strategies necessary to
protect against malicious encrypted traffic."
Venafi conducted this survey of over 1540 information security
professionals at RSA (News - Alert) Conference 2017.
For more information about Venafi please visit: www.venafi.com
Global Geopolitical Changes Driving Data Privacy Concerns and Encryption
Most Cyber Attacks Now Use Encryption: Are You Prepared for the Good,
the Bad and the Ugly?
Venafi is the cyber security market leader in protecting cryptographic
keys and digital certificates which every business and government
depends on to deliver safe encryption, authentication and authorization.
Organizations use Venafi key and certificate security to secure
machine-to-machine connections and communications-protecting commerce,
critical systems and data, and mobile and user access.
Venafi constantly assesses keys and certificates, protecting those that
are trusted and fixing or blocking those that are not. This prevents
their misuse by cybercriminals. Venafi protects the network, business
and brand of many of the largest, most security-conscious organizations
in the world. To learn more, visit www.venafi.com.
View source version on businesswire.com: http://www.businesswire.com/news/home/20170405005387/en/
[ InfoTech Spotlight's Homepage ]