In today’s digital world, traditional security approaches are failing to keep our data safe. 79% of organizations are struggling to detect threats within encrypted traffic, evidenced by the 236.1 million ransomware attacks worldwide just in the first half of 2022 alone. The number of these attacks are on the rise, as there have been 1.5X more ransomware attacks in 2021 versus 2020.
There are many reasons why these traditional security approaches are failing. First, dwell time between “stealth” intrusions and attacks have increased by 36%, leaving a narrow window to detect and stop intrusions. The median intruder dwell is 15 days, yet it can take 287 days to actually detect a breach. Second, analysts must respond to a high volume of alerts without knowing which is the greatest threat. Cyber criminals are increasingly using technology to mask their activities, with 91.5% of malware arriving over encrypted connections. Alarmingly, roughly 58% of IT professionals do not have awareness of communication across their networks and can not secure against encrypted traffic threats.,
With 41% of enterprises feeling that they don’t have a good understanding of how to detect and protect against attacks using encryption to bypass legacy security solutions, it is clear a new security strategy is needed. Network Detection and Response (NDR) Platforms may be the solution. These networks detect suspicious network traffic so that a team can respond to malware without decryption. They do this by monitoring all traffic flows across the network, attribute a malicious behavior to a specific IP address, and perform forensic analysis on how a threat progressed.
One specific platform, Live Action’s ThreatEye, uses AI to perform the functions of a typical NDR. It builds a fingerprint of assets and behavior patterns and monitors for anomalous usage. With predictive threat intelligence, a decreased response time, encryption policy compliance, and many other features, it can protect one’s network when traditional security approaches fail.