Sign in
  • News
  • Interviews
  • Articles
  • Podcasts
  • Insights
    • Future Ready
    • Guest Post
    • Use Cases
    • Events
  • Quick Bytes
  • RESOURCES
Sign in
Welcome!Log into your account
Forgot your password?
Privacy Policy
Password recovery
Recover your password
Search
Monday, February 6, 2023
  • Sign in / Join
Sign in
Welcome! Log into your account
Forgot your password? Get help
Privacy Policy
Password recovery
Recover your password
A password will be e-mailed to you.
ITSECURITYWIRE FAVCON ITSECURITYWIRE FAVCON ITSecurityWire
  • News
  • Interviews
  • Articles
  • Podcasts
  • Insights
    • Future Ready
    • Guest Post
    • Use Cases
    • Events
  • Quick Bytes
  • RESOURCES
Home Featured Articles Dark Network Security Ahead – New Encryption Standards Will Reduce Controls
  • Featured Articles

Dark Network Security Ahead – New Encryption Standards Will Reduce Controls

By
Sudipta Choudhury
-
August 13, 2020
85
Dark Network Security Ahead – New Encryption Standards Will Reduce Controls

Security professionals need to act fast and put solutions in place before the TLS 1.3 and DNS-over-HTTPS (DoH) are implemented – suggests Forrester Research.

The transport layer security (TLS) and domain name system (DNS) – two primary protocols of the web have undergone radical changes lately. The modifications have been implemented to protect browser user privacy in an enterprise environment.

Concurrently, the changes will brush off security on-premises in the next few years. As a result, the security professionals must act on it, putting security tools in place. Or else, they will not be able to detect cyber threats and analyze network traffic. These findings came up from the latest study by Forrester Research.

As mentioned by David Homes, Senior Research Analyst at Forrester Research in the company blog post – “While [the protocols] hide user activity from the searching eyes of nation-states and ISPs, they also hide valuable metadata from enterprise network inspection tools…Within the larger effort, incorporate tactical approaches to recapture network metadata and lost decryption capabilities.”

Read More: Only 34% of Organizations Are Applying Basic Cloud Security Tools

DoH and TLS 1.3 are the only outcomes of the long conflict between the privacy activists and the government surveillance community. These recent privacy changes signify the result of the efforts – where all the browser data and metadata will be encrypted.

The changes have already fueled controversy, primary because –

  • Financial services brands have invested in passive decryption, as the regulation prohibits unencrypted data. This is valid on their internal networks, and TLS 1.3 will make it incompatible with the security inspection architectures.
  • TLS 1.3 encrypts the server certificates – security teams can’t control browsers or apply network policies that stop users from browsing unsafe websites.
  • DNS-over-HTTPS eliminates IT control. The privacy activists consider the current domain name system as a critical privacy leak. Thus they have proposed encrypting the DNS-over-HTTPS and fix it.

However, Forrester noted that security professionals can still secure the network environment. The evolutions of the encrypted domain name system, encrypted server name indicator (SNI), and TLS 1.3 – are new, and the adoption rates are currently modest. Therefore, security and risk teams should not delay their measures.

Read More: Cybersecurity threatened by expired machine identities and unverified adoption of tools

The security and risk clients of Forrester are closely monitoring their users for protecting them. David Homes also cited, “As these changes gain momentum, security monitoring tools will be blinded to the contents and destination of traffic and unable to detect threats. The network will be darker than it’s ever been.”

  • TAGS
  • browser
  • browser data
  • CEO
  • CISO
  • CTO
  • cyber attack
  • cyber risk
  • Cyber Threat
  • cybersecurity
  • Dark net
  • data privacy
  • DNS
  • DoH
  • domain name system
  • Encryption Standard
  • enterprise environment
  • Fintech
  • HTTPS
  • ISP
  • IT control
  • IT security
  • metadata
  • Network security
  • network traffic
  • Security professional
  • threat detection
  • TLS
  • transport layer security
  • user privacy
Previous articleThree Steps Enterprises Need to Take to Handle IoT Risk
Next articleTrend Micro Brings DevOps Agility and Automation to Security Operations through Integration with AWS Solutions
Sudipta Choudhury
http://itsecuritywire.ondot.media
Marketing professional with experience in B2B and MR industry. Skilled in Marketing, Strategy Making, Copywriting and Content Creation, Sales, and SEO with excellent Communication Efficiency. Holding a dual master's degree focused on Marketing from IBS, Pune and ICFAI University.

RELATED ARTICLESMORE FROM AUTHOR

Top Four Reasons to Adopt CIEM in Cloud Security Strategy

Top Four Reasons to Adopt CIEM in Cloud Security Strategy

Why Companies Need a Hacker-mindset to Strengthen Cybersecurity

Why Companies Need a Hacker-mindset to Strengthen Cybersecurity

Infrastructure-led Innovation & Network Security Transformation

Infrastructure-led Innovation & Network Security Transformation

Latest posts

Offensive Security Unveils Its First Defensive Security Training and Certification Offering-01 (1)

Offensive Security Unveils Its First Defensive Security Training and Certification Offering

November 17, 2021
Attack on AMD Chips Causes Voltage Glitching_ Endangering Cloud Environments

Attack on AMD Chips Causes Voltage Glitching, Endangering Cloud Environments

August 16, 2021
odix

odix joins the Microsoft Intelligent Security Association (MISA) program extending FileWall security logs to Microsoft...

September 30, 2020
Cybersecurity, malicious domain, phishing attack, Cyberattack, Phishing scam, URL, Coronavirus, IT, cybercrime, Malware, COVID-19, Coronavirus, scammers, Jay Chen, Palo Alto Networks, Palo Alto Unit 42, collaboration, RiskIQ, COVID-19: Cloud Threat Landscape, Amazon Web Series, AWS, Google Cloud Platform, Google Cloud, Google, Microsoft Azure, IP address, Internet protocol, Microsoft, cloud platform, Alibaba, Alibaba cloud, tech giant, COVID-19 domains, spam campaigns, Newly Registered Domain, NRDs, keywords, United States, Russia, Germany, Italy, IP, public clouds, firewalls, IP-based firewalls, cybersecurity infrastructure, COVID-19 crisis, coronavirus pandemic, phishing websites, Cybercriminals, spam, domains, COVID-19 scams, tech giant, malicious attacks, Amazon Cloudfront, Cloudflare, CDN, market crash, malicious apps, intelligence experts, cyber attack, relief fund, malware, phishing email, edge server, content delivery networks, benign domains "CIO, CTO, CISO, CEO, Cybersecurity, Cyberattack, Phishing scam, Coronavirus, IT, cybercrime, Malware, COVID-19, Scam "

Coronavirus-themed Domains – Most Popular Online Choice

May 6, 2020
Five Essential Techniques to Prevent Data Leaks

Five Essential Techniques to Prevent Data Leaks

July 19, 2022


An invaluable resource for all your IT security initiatives and assets.

Knowledge sharing platform for all IT security needs and plans. Peer to peer conversations that leverage industry experts and leaders for ideas, opinions and business insights.

Media@ITSecurityWire.com
Sales@ITSecurityWire.com

Recent Posts

  • Oracle E-Business Suite Vulnerability Exploitation Commences After PoC Publication
  • Jira Service Management Vulnerability Reported by Atlassian
  • Top Four Reasons to Adopt CIEM in Cloud Security Strategy
  • Why Companies Need a Hacker-mindset to Strengthen Cybersecurity
  • Infrastructure-led Innovation & Network Security Transformation

Visit Our Other Publication

Quick Links

  • About Us
  • News
  • Featured Articles
  • Featured Interview
  • Guest Post
  • Privacy Policy
  • Do Not Sell My Information
  • About Us
  • News
  • Featured Articles
  • Featured Interview
  • Guest Post
  • Privacy Policy
  • Do Not Sell My Information
An Imprint of OnDot ® Media © | All rights reserved | Privacy Policy