Performance, management and privacy issues stymie SSL inspections, and the bad guys know it

The technology is there for companies to inspect the SSL traffic going in and out of their networks, but performance, management and privacy concerns combine to hinder its adoption — allowing cyberattackers to hide their malicious activity in the encrypted traffic.

According to a new report by the Ponemon Institute, 41 percent of companies who were victims of a cyberattack said that the attacker used SSL encryption to hide their activities and to sneak data out of organizations.

And this percentage is likely to rise, experts say. Encryption tools are already available to the savviest criminals, and it’s only a matter of time before they are commercialized, made easier to use, and become widely available to attackers.

To read this article in full or to leave a comment, please click here