The Case for Decryption in Cybersecurity>
E Security Planet – Jeff Goldman
Effective encryption has long been critical for protecting sensitive enterprise data, but as hackers increasingly leverage encrypted channels to access and traverse enterprise networks, secure traffic decryption is also key to assessing potential threats.

Too many companies are only focusing on half the battle, ensuring pervasive encryption but falling short on decryption and monitoring. So having an efficient system in place is key. âHaving the right people, the people with the right credentials and the right access controls, look at the right information â because not all information should be decrypted â is really important in having a quick triage and a quick understanding of whatâs in your network,â Campfield said.

Itâs a real and widespread problem â a recent Trend Micro survey of 2,303 IT security and SOC decision makers found that 51 percent of respondents said their team is overwhelmed by the volume of alerts, and 55 percent arenât confident in their ability to prioritize and respond to them.

Fully 43 percent admitted to having dealt with the problem by simply turning off alerts.

And thatâs where technology comes in, leveraging machine learning to support assisted investigation at scale. âThat wasnât possible back when you either couldnât decrypt at scale or didnât have machine learning and assistance to the very human tasks of deciding whatâs good and whatâs not,â he said.
Link: https://www.esecurityplanet.com/networks/the-case-for-decryption-in-cybersecurity/