Go back

10 September 2021 Kurt Haller

Day 4 of the Key Challenge of the Week: Internal and Regulatory Compliance

How many devices do you own? Smartphone? Laptop? Tablet? Smart TV? Wireless Printer? The amount of devices is endless, which brings us to the 4th key challenge of the week: Internal and Regulatory Compliance.

With the emergence of IoT in the workplace, the number of IP-enabled (e.g. swipe cards, printers, smart TVs) devices integrated into the work environment is becoming more and more difficult to manage. Many of these IoT devices also utilise the latest version of TLS, limiting a company's ability to effectively monitor internal threats and identify 3rd party platforms that are communicating with these devices. As a result, the human cost of reporting is substantially high and compliance teams scramble to ensure that both internal and regulatory standards are met to avoid any serious fines.

Furthermore, multiple regulators across industries, such as MiFIDII and HIPAA, now stipulate that all data in transit and at rest must be encrypted. The latest version of TLS will prevent security teams from decrypting a session unless they downgrade the session to TLS 1.2, analyse the session for malicious activity, and then re-encrypt it. According to IBM, "Organizations with a high level of system complexity had an average cost of a breach $2.15 million higher than those who had low levels of complexity. The presence of a high level of compliance failures was associated with breach costs that were $2.30 million higher than breach costs at organizations without this factor present. "

At Venari Security, we know this is a serious problem, that is why we provide an Internal and Regulatory Compliance module. Based on numerous conversations with industry experts, we understand how complex this matter is, that is why we help your team adhere to local regulations related to encrypted traffic, help manage the number of internal devices that utilise TLS communications, and help you have greater peace of mind over your own internal network.

#KeyChallengeoftheWeek #GetTheMeasure #VenariSecurity #ETA #encryptedtrafficanalysis #encryptedtraffic #networksecurity #NTA #networktrafficanalysis #NTA #cybersecurity #enterprisesecurity #encryption #AI #malware #ransomware #TLS13 #TLS #cybersecurity #digitaltransformation

Get the Measure

  • 20 September 2021 Kurt Haller

    What is Ransomware?

    Ransomware is a type of malware attack characterized by holding device control--and therefore locally stored data--for a ransom, which victims typically pay...

  • 17 September 2021 Kurt Haller

    Who is at the Heart of Cybersecurity?

    People are at the heart of cyber security...to protect their finances, their jobs, their identities, and sometimes even their physical safety. People can...

  • 15 September 2021 Kurt Haller

    Hacked a £4.8 billion-pound Company to Impress Friends?

    In 2016, a 17-year-old boy admitted that he had a desire to show off his IT skills to his friends. This led him to use hacking software (SQL Map) to scan...

View more

You Don’t Know What You Don’t Know

Today’s controls on your enterprise network are no longer fit for purpose. Cybercriminals now use encryption as their primary method of communication.

Defend your business effectively, know what is on your network.

See it in Action