Stephen Kovac, vice president of global government and head of corporate compliance at Zscaler, described four tools he believes government agencies should implement as part of in-depth network defense against encrypted cyberattacks such as ransomware.
In a guest piece for FedTech magazine published Wednesday, he urged agency information technology professionals to decrypt, inspect and reencrypt communication channels as attackers find more opportunities to sneak past the standard Secure Sockets Layer/Transport Layer Security protocols.
The 2020 State of Encrypted Attacks report by Zscaler’s ThreatLabZ team, based on an analysis of 6.6 billion risks that were hidden within encrypted traffic, found that SSL-based threats grew 260 percent from March to December.
“No agency is immune to security threats, but agencies can take a threat-based approach to security and adopt a defense-in-depth strategy that can scale as needed to support SSL inspection from start to finish,” Kovac noted.
He said a cloud-based proxy architecture could support encrypted traffic monitoring while a cloud-based platform that employs artificial intelligence could facilitate threat isolation and mitigation.
Agencies should also consider adopting a framework called secure access service edge to protect federal work in remote information technology environments and a zero-trust approach to reduce the attack surface.