Encryption has reached near-full adoption by internal teams hoping to implement stronger security and privacy practices. Simultaneously, attackers are using the same mechanisms to hide their malicious activity from the defender’s line of sight.
According to the Ponemon Institute’s 2021 Global Encryption Trends Study, 50% of organizations have an encryption plan consistently applied across their entire environment—up from around 40% in 2015 and 25% in 2010. While encryption is providing an increasingly critical defensive layer against tampering and eavesdropping, it is also an increasing threat as demonstrated by the 260% increase in encrypted attacks reported by Zscaler.
ExtraHop Senior Technical Marketing Manager Jamie Moles joined Enterprise Security Weekly to discuss the various techniques attackers are using to cover their tracks using encryption, addressed common objections about decryption, and made the case for decryption as a path toward faster, more confident defense.
He shared a demonstration of how the ExtraHop Reveal(x) network detection and response platform securely decrypts network traffic to successfully halt a breach in progress.
“With strategic decryption, you are only decrypting things you have encrypted — that for which you have the key,” Jaimie said. “That way, you preserve privacy. Decrypting traffic you control in your own private network is a perfectly legitimate thing to do.”
This is about decrypting traffic for the express purpose of looking for threats against your organization. That traffic can hide risk and you want to have insight into it., he added.
This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!