Information Security

Defending the digital infrastructure

pixel_dreams - Fotolia

Manage Learn to apply best practices and optimize your operations.

Report: Lack of SSL traffic inspection poses threat to enterprises

New research shows poor visibility into encrypted traffic increases the risk to enterprises as malicious actors take advantage of blind spots

The numbers vary, but by all accounts, encrypted traffic is increasing on the internet. The problem? Most companies fall short when it comes to SSL traffic inspection, which creates a blind spot in inbound and outbound communications that may increase the threat of web-based attacks.

The SSL protocol uses authentication and encryption -- public-key and symmetric-key -- to secure communications between servers and other systems. It is frequently used to encrypt email, web transactions and data in transit, including data used by mobile apps. While the protocol usually works as intended, lack of SSL traffic inspection is actually putting companies at risk, according to an August 2016 report by the Ponemon Institute.

Network traffic infographic

For the "Hidden Threats in Encrypted Traffic: A Study of North America and EMEA" report, sponsored by A10 Networks, Ponemon researchers independently surveyed 1,023 IT and security professionals. According to survey respondents, 80% of organizations have been victims of cyberattacks or malicious insiders in the past 12 months, and 41% of those attacks used encryption to evade detection.

The majority of those surveyed expect the potential dangers hiding in SSL traffic, such as malware and other intrusions that threaten to bypass security controls, to get worse in the next 12 months, the report found. While 51% of those surveyed indicated that their companies plan to install some form of traffic decryption in the next 12 months, 62% said they did not inspect decrypted web traffic.

Network traffic infographic

The reasons range from lack of tooling and skilled personnel to network performance degradation and it not being a priority. The speed of SSL traffic inspection, its use of bandwidth and SSL key lengths also pose challenges, researchers said.


Article 5 of 6

Next Steps

Enterprises face threat of SSL malware

7 steps to implement SSL security

Learn more about deep-packet inspection techniques

This was last published in October 2016

Dig Deeper on Real-time network monitoring and forensics

Get More Information Security

Access to all of our back issues View All