Yahoo Finance The cybersecurity parasite hiding in plain sight
The battle against hidden adversaries within encrypted traffic is ongoing, but innovative technologies offer a path forward.
One of the major twists in the critically acclaimed film "Parasite" was learning that the housekeeper's husband had been living in the home's bunker for many years. The world of cybersecurity frequently goes through its own twists and turns, with the most cunning opponents hidden in plain sight, much like the plot of this riveting movie.
Despite the awareness of the risk of malware, a recent hybrid cloud security survey conducted by Gigamon in Singapore revealed that only 23% of organisations have visibility into encrypted data from the network level to the application level. This lack of visibility is exacerbated by the fact that just 30% of companies have visibility into East-West or laterally moving traffic. Furthermore, 43% reported they have good network visibility but limited container-level visibility.
Cyber adversaries utilise encryption to hide their actions within genuine digital traffic, much as parasites in the natural world disguise themselves to infect their hosts. This deceptive concealment poses a persistent challenge to cybersecurity professionals, who must unravel these digital disguises to protect their organizations from hidden threats.
So, in this world of hidden adversaries and encrypted mysteries, where does the concept of Zero Trust fit in? Are we destined to be blindsided by threats lurking within our digital “house”, or can we adapt our cybersecurity practices to reveal hidden adversaries within encrypted traffic? The answer, I think, is a solution that provides deep observability into cloud traffic to give you a hidden view of what is really going on inside.
Unveiling the hidden adversary in encrypted traffic
More than a quarter of IT and security leaders in Singapore express complete confidence in their whole hybrid cloud infrastructure, with another 66% expressing some level of confidence. All of them have, however, had breaches in recent months, much like parasites silently draining vital resources from their host. While efforts have been made to improve overall security posture, the underlying issue is the limitations of their existing tools, which struggle to detect hidden adversaries, particularly within encrypted cloud traffic. This underscores the challenges of hybrid cloud security.
As we navigate these complex challenges, innovative technology solutions emerge that can aid in our quest to eliminate blind spots within encrypted traffic. These solutions function as our digital detectives, tirelessly sleuthing to reveal hidden adversaries without compromising the security that encryption provides.
By incorporating the principles of Zero Trust, organisations can ensure that their cybersecurity strategies remain vigilant, even within the encrypted realm.
Front-running encryption with innovative technology
Encryption serves as a fundamental concept in the Zero Trust framework, emphasising the need to verify every entity and transaction, even within the encrypted realm. Traditionally, one might consider decryption as a way of mitigating this risk. However, out-of-band decryption for East-West traffic within networks has become more impractical and intrusive due to advancements in encryption technology, such as Perfect Forward Secrecy (PFS) within TLS 1.3. Additionally, decrypting active messages could interfere with performance and resource availability.
By incorporating the principles of Zero Trust, organisations strike a balance between security and privacy. By utilising innovative technologies that enable deep observability into encrypted traffic while upholding the principle of "never trust, always verify," they make sure that potential threats are exposed without jeopardizing the security that encryption provides.
An equally promising approach is one that can detect suspicious encrypted traffic patterns and anomalies before they are encrypted, effectively "front-running" encryption. This allows organizations to identify potential threats at an earlier stage before encryption cloaks their malicious intent. There are even technology updates now that allow front-running encryption to be simplified.
An example is Gigamon Precryption technology, a new innovation that utilises plain text to transform, analyse, and route encrypted cloud traffic, offering deep observability and enhancing SecOps threat-hunting capabilities. This means that organisations can gain invaluable insights into message and packet visibility down to the kernel level while steadfastly maintaining the confidentiality of their encryption, effectively bolstering their Zero Trust security posture.
Illuminating the hidden adversaries
The battle against hidden adversaries within encrypted traffic is ongoing, but innovative technologies like Precryption offer a promising path forward. Much like the unexpected revelation in the movie "Parasite" that changed the course of events by revealing a hidden presence within the family, cybersecurity experts today can similarly unveil concealed threats lurking within their digital "house”.
By shedding light on these concealed threats at their inception, organisations can navigate the intricate cybersecurity landscape with increased confidence and resilience, all while upholding the principles of Zero Trust – ultimately leading to a safer and more secure future.
Michael Hakkert is the vice president for Corporate Marketing at Gigamon
See Also:
Click here to stay updated with the Latest Business & Investment News in Singapore
Temasek-StarHub JV Ensign InfoSecurity comes down from Mount Olympus after four stealthy years
How Generative AI can be both a security friend and foe to businesses in Singapore
Get in-depth insights from our expert contributors, and dive into financial and economic trends
