The encryption technology that is crucial to protecting sensitive data in transit such as web transactions, emails and mobile apps, can allow malware hiding inside that encrypted traffic to pass uninspected through an organisation's security framework.
The report by US-based security company A10 Networks in partnership with Ponemon Institute surveyed 1,023 IT and IT security practitioners in North America and Europe, highlighting the challenges these professionals face in preventing and detecting cyber attacks.
A surprising outcome of the growing use of encryption technology is an increase in cyber attacks, it found.
"Instead of focusing on doing everything right 100 per cent of the time, IT leaders can be more effective by doing a few things very strategically with the best technology available," said Chase Cunningham, Director, Cyber Operations, A10 Networks, in a statement.
Although 75 per cent of survey respondents say their networks are at risk from malware hidden inside encrypted traffic, roughly two-thirds admitted that their company is unprepared to detect malicious traffic, leaving them vulnerable to costly data breaches and the loss of intellectual property.
Among the IT professionals who responded to the survey, the largest percentage work in financial services, followed by healthcare and the public sector.
"Moreover, the threat is expected to get worse as the volume of encrypted data traffic continues to grow, with the majority of respondents expecting network attackers to increase their use of encryption over the coming year to evade detection and bypass controls," the report added.
