It’s time to change our strategy for cybersecurity. Traditional security approaches fail to protect the network from ever-evolving threats. Made even worse by the fact that 79% of organizations are struggling to detect threats hidden by encrypted traffic. But why are current security approaches failing? In 2022, the dwell time between “stealth” intrusions and outright cyberattacks increased by 36%, leaving a narrow window to detect and stop intrusions.
Estimated reading time: 3 minutes
Even still, detecting a breach is quite slow, as it takes an average of 287 days to fully identify it increases the risk of the attack being successful. Moreover, analysts reported that 80% of network traffic could no longer be inspected with traditional or “legacy” tools, and 72% of attackers destroy logs to cover their tracks. This is a small facet of the bigger picture of the main threat: dark space.
Network security dark space is any network infrastructure that doesn’t appear in the “golden store” of configuration data, which includes: firewalls, routers, proxies, load balancers, endpoints, and hosts. Made more alarming that 70% of networks are dark spaces where attackers can bypass traditional defenses and have free reign of the network. In the past, encrypted traffic was implemented to turn private data into unreadable code to combat cybercriminals, so it would be nigh-impossible to read and therefore use.
Unfortunately, while encryption is used on almost all web traffic, cybercriminals increasingly use the technology to mask their activities. In 2016, 53% of web traffic was encrypted; now, over 90% is encrypted. Even IT professionals say that they are not fully confident in how to deal with dark space, with only 59% of them saying they can be secure against encrypted traffic. They attribute the decreased confidence to a lack of insight into dealing with threats from encrypted traffic. There is also a lack of tools to detect, intercept, and analyze threats.
Luckily, in development, there are Network Detection and Response (NDR) platforms powered by AI that will be used to detect and alert threats within encrypted traffic.
What do you think of NDR cybersecurity? Please share your thoughts on any of the social media pages listed below. You can also comment on our MeWe page by joining the MeWe social network. Be sure to subscribe to our RUMBLE channel as well!
