When it comes to enterprise security, encryption is supposed to be a good thing.
Except when it's not.
A growing concern for many enterprises is an attack that is hidden in an encrypted file that is traveling through the network. In the coming year, about 80% of all enterprise network traffic will be encrypted, and that means a lot more places for cyberattacks to hide.
To help counter the problem of cyberthreats wrapped in encryption, Cisco Systems Inc. (Nasdaq: CSCO) is offering what it calls Encrypted Traffic Analytics or ETA. The network security tools work by analyzing traffic and then flagging anomalies, without having to de-encrypt the traffic.
Wagner notes that while Cisco's ETA tool could not prevent the types of attacks associated with the recently disclosed vulnerabilities in Intel's x86 processors, it should be able to detect attempts to exfiltrate that information over the network. (See Meltdown & Spectre News Gets Worse – & Better.)
For more information about cloud computing and cloud security, visit Security Now's sister publication, Enterprise Cloud News.
In a surprise outcome, the education sector rises to the top of a SecurityScorecard assessment for its ability to protect data assets despite connecting thousands of unsecured devices and even some determined student hackers.
At the AWS New York Summit, CTO Werner Vogels detailed how security is a much wider responsibility, and how automation and encryption are essential to better (and more secure) application development in the cloud.
The DOJ and the Special Counsel's Office indicted 12 Russian nationals, charging them with hacking into the networks of the Democratic Congressional Campaign Committee, the Democratic National Committee and the Hillary Clinton presidential campaign.