- Utilizing data encryption methods is often touted as a way to prevent healthcare data breaches, as it could help prevent sensitive information from being easily accessible. Preventing and even preventing network attacks should be a top priority for all covered entities. But what are the best options in terms of data encryption?
A recent study shows that SSL decryption and inspection could be greatly beneficial to organizations in various sectors, including healthcare and pharmaceuticals, as well as financial services.
SSL decryption is a general public key infrastructure “encryption protocol that works between the underlying transport protocol (TCP) and the application containing data we are trying to protect,” according to the SANS Institute.
“It can be a part of any application commonly including web browsers or email apps, and it protects data by making it unreadable by unintended recipients,” SANS explained in a paper.
Uncovering Hidden Threats within Encrypted Traffic was commissioned by A10 Networks and conducted by Ponemon, with 49 percent of surveyed organizations in the financial services, health and pharmaceuticals, general services, and the public sector. Over half - 55 percent - of respondents also said that they report directly to the CIO, CTO or head of corporate IT.
The study found that half of all known cyberattacks used SSL encryption to evade detection in the last 12 months.
Furthermore, 80 percent of respondents said they had been victims of a cybersecurity attack in the past 12 months. Of those, 41 percent said the attacks hid in SSL traffic. Even so, 89 percent also stated that SSL decryption and inspection is either “essential” or “very important” to the performance and security of their business.
Organizations are seeking SSL decryption capabilities and often want certain attributes and capabilities, according to the survey. Specifically, 79 percent of respondents said they want SSL certificate and key management, while 68 percent want scalability.
The other top desired features were compliance requirements; uptime, performance and security; and multi-vendor security integration.
The top concern in implementing SSL decryption solutions is performance, the survey found. Sixty-one percent reported that they were worried about a lack of performance for organizations that don’t decrypt SSL traffic. Additionally, 83 percent of respondents said that decryption results in some type of degradation within organizations currently decrypting and inspecting SSL traffic.
The study also found that only approximately one-third of respondents - 36 percent - feel that their organization can properly leverage SSL decryption and inspection for data breach prevention.
“SSL decryption is rapidly becoming a necessity to properly inspect Internet traffic and stop potential attacks,” the report’s authors stated. “Be proactive and expose the hidden threats within your environment.”
It will also be important for organizations to assess their tools and determine which can benefit from adding SSL decryption and inspection capabilities, the report concluded. Entities should also identify their critical needs and create an outline to build an applicable plan. For example, organizations should know if they desire scalability, compliance controls, or better integration with third-party security vendors.
Finally, mapping SSL decryption capabilities to a proven platform can assist organizations as they inspect and analyze encrypted traffic for any potential malicious behavior.
Image Credit: Ponemon, A10 Networks