Santa Clara, CA – May 26, 2022 – Gigamon, the leading deep observability company, today released its updated TLS Trends Research report which highlights levels of encrypted traffic, versions in use, and trends over time. While this data is readily available for general internet traffic, Gigamon is the only vendor to publish data on the usage of encryption in intra-organization lateral communications (East-West traffic).
Cyberattacks are at an all-time high, triggering increasingly strict regulatory standards and data privacy compliance to combat the rapidly evolving threat landscape. As a result, the global encryption software market is expected to grow to $22.1B by 2026, a 15 percent compound annual growth rate (CAGR). However, this is leading cybercriminals to infiltrate Secure Sockets Layer/Transport Layer Security (SSL/TLS) sessions to hide and obfuscate their actions. This can lead to SSL/TLS sessions becoming a liability, inadvertently camouflaging malicious traffic.
To avoid being compromised, IT organizations should take the following actions:
- Deliver deep observability– With encrypted traffic attacks having risen an astounding 314 percent in 2021, with 80 percent of attacks now using encrypted channels (up 57 percent from 2020), it is critical that organizations have visibility into all traffic in motion. Only by pairing security and observability tools that provide detailed metrics, events, logs and traces (MELT) with actionable, network-level intelligence derived from packet flows and application metadata, can organizations detect unseen threats and mitigate risk. This powerful combination defines a new frontier of deep observability.
- Safely decrypt and inspect traffic– 81 percent of all North-South traffic is encrypted creating a perfect hiding place for cybercriminals. By decrypting traffic with the right level of privacy, organizations have the visibility they need to detect hidden threats.
- Encrypt all feasible East-West traffic –The majority (65 percent) of East-West network traffic is now encrypted (up from 56 percent in 2020), leaving 35 percent of traffic unencrypted. While most headlines tout the risk of cyber espionage and state-sponsored attacks, 43 percent of IT security incidents occur as a result of employee actions, with 74 percent originating the extended enterprise (customers, partners, and suppliers). Encrypting all feasible East-West traffic provides an opportunity for organizations to improve their security posture.
“This report seeks to provide real-world data on SSL/TLS usage”, said Bassam Khan, vice president of product and technical marketing at Gigamon. “The findings illustrate why organizations need to rethink their decryption policies and procedures, particularly as TLS 1.3 gains further traction.”
The Gigamon research is based on live data from several dozen enterprises across a range of industries, with a statistical bias towards financial institutions, technology, and healthcare. With an aggregate of 1.36 trillion network traffic flows over a 15-month period, the data for each organization data was statistically significant.
Download the full report to discover the latest encryption trends and why they have us concerned, what you need to do to gain visibility into all data and protect your network and vital rules for decrypting and inspecting traffic. Also register for our webinar to hear from Gigamon industry experts who will share key insights on how to fortify your organization from cybercrime.