According to analysts, the use of network encryption is rising by at least 20% per year1. But it’s not deterring malicious parties – a 2013 report from Gartner suggested that by 2017, more than 50% of all network threats will make use of SSL/TLS2. Worryingly, that’s less than a year away.
So in spite of the increasing movement towards encrypted networks, more and more businesses are finding themselves with a SSL/TLS blind spot. But what impact does that have on your business – not just in a dollars and cents, but in terms of potential damage to the security network you’ve already established?
Many networks don’t actively decrypt encrypted traffic that passes through. This can be for a variety of reasons. Sometimes their devices simple aren’t capable of even registering it, let alone decrypting it – so the traffic simple passes through, ignored. But often the case is that decrypting can bog down device and network performance, which interferes with other productivity. But not seeing or processing SSL/TLS traffic can potentially expose your network to all sorts of malicious activity, which can damage the business itself in the long run.
Blue Coat has devised an interactive tool that calculates both your annual security blind spot cost and the loss of value in your network security infrastructure investment such as next-generation firewalls (NGFWs), intrusion detection and prevention solutions (IDS/IPS), sandboxing, web proxies, data loss prevention (DLP) solutions and so on. It’s simple and easy to use – you can try it right here.
The cost of your network security blind spot is the percentage of SSL/TLS traffic coursing through your networks, multiplied by the overall investments you’ve previously made in the security solutions listed above:
NETWORK SECURITY BLIND-SPOT COST =
% of SSL Traffic x Annual Investment into Network Security Products
Give it a try now — it only takes a minute, and the simple result is surprisingly accurate. Then think twice about what the lack of an effective SSL visibility and management solution is costing you—not just in sheers dollars and potential security risk, but in terms of missed opportunities. Money spent on inadequate security solutions is money that could have been better invested into new business opportunities, and better servicing your customers.
1 J. W. Pirc, "SSL Performance Problems: Significant SSL Performance Loss Leaves Much Room for Improvement," NSS Labs, June 2013.
2 Gartner, Security Leaders Must Address Threats from Rising SSL Traffic, Jeremy D’Hoinne and Adam Hills. Published: 9 December 2013