Successfully reported this slideshow.
Your SlideShare is downloading. ×

TLS 1.3’s Fourth Anniversary: What Have We Learned About Implementation and Network Monitoring?

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad

Check these out next

1 of 24 Ad

TLS 1.3’s Fourth Anniversary: What Have We Learned About Implementation and Network Monitoring?

Download to read offline

In 2018, EMA surveyed IT practitioners and technology decision-makers to gauge their awareness of the TLS 1.3 standard for network encryption. In 2022, EMA revisited the adoption of the TLS 1.3 standard by going back to IT networking professionals, security experts, and business leaders to discover what they have learned throughout the implementation process and the benefits they gained through their adoption and usage.

These slides, based on the webinar presented by Christopher Steffen, managing research director for security and risk management at leading IT research firm EMA, cover some of the findings from this study.

In 2018, EMA surveyed IT practitioners and technology decision-makers to gauge their awareness of the TLS 1.3 standard for network encryption. In 2022, EMA revisited the adoption of the TLS 1.3 standard by going back to IT networking professionals, security experts, and business leaders to discover what they have learned throughout the implementation process and the benefits they gained through their adoption and usage.

These slides, based on the webinar presented by Christopher Steffen, managing research director for security and risk management at leading IT research firm EMA, cover some of the findings from this study.

Advertisement
Advertisement

More Related Content

More from Enterprise Management Associates (20)

Recently uploaded (20)

Advertisement

TLS 1.3’s Fourth Anniversary: What Have We Learned About Implementation and Network Monitoring?

  1. 1. @ema_research TLS 1.3’s Fourth Anniversary: What Have We Learned About Implementation and Network Monitoring? Christopher M. Steffen, CISSP, CISA Managing Research Director CSteffen@enterprisemanagement.com Ken Buckler, CASP Research Analyst KBuckler@enterprisemanagement.com Sponsored by
  2. 2. Watch the On-Demand Webinar • TLS 1.3’s Fourth Anniversary: What Have We Learned About Implementation and Network Monitoring? On-Demand Webinar: https://info.enterprisemanagement.com/tls1.3-fourth-anniversary- webinar-ss • Check out upcoming webinars from EMA here: https://www.enterprisemanagement.com/freeResearch
  3. 3. @ema_research @ema_research Featured Speaker Chris brings over 20 years of industry experience as a noted information security executive, researcher, and presenter, focusing on IT management/leadership, cloud security, and regulatory compliance. His technical career started in the financial services vertical in systems administration for a credit reporting company, eventually building the network operations group, as well as the information security practice and technical compliance practice for the company before leaving as the Principal Technical Architect. He was the Director of Information for a manufacturing company and the Chief Evangelist for several technical companies, and also held the position of CIO of a financial services company, overseeing the technology-related functions of the enterprise. He currently leads the information security, risk, and compliance management practice for Enterprise Management Associates (EMA), a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. Chris holds several technical certifications, including Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA), and was awarded the Microsoft Most Valuable Professional Award five times for virtualization and cloud and data center management (CDM). He holds a Bachelor of Arts (Summa Cum Laude) from Metropolitan State College of Denver. © 2022 Enterprise Management Associates, Inc. 3 Christopher Steffen Managing Research Director Information Security, Risk and Compliance Management
  4. 4. @ema_research @ema_research Agenda © 2022 Enterprise Management Associates, Inc. 4 Introduction 1 2 3 Security Trends Organizations That HAVE Implemented TLS 1.3 4 Organizations That HAVE NOT Implemented TLS 1.3 5 Conclusions
  5. 5. @ema_research @ema_research Sponsors 5 © 2022 Enterprise Management Associates, Inc. @ema_research
  6. 6. @ema_research Introduction
  7. 7. @ema_research @ema_research Demographics & Methodology 7 Sample Size = 208 © 2022 Enterprise Management Associates, Inc.
  8. 8. @ema_research Security Trends
  9. 9. @ema_research @ema_research What was the primary motivation to implement TLS 1.3 in your organization? © 2022 Enterprise Management Associates, Inc. 9
  10. 10. @ema_research @ema_research © 2022 Enterprise Management Associates, Inc. 10 How concerned is your organization that TLS 1.3 may disrupt existing network and security monitoring functions?
  11. 11. @ema_research @ema_research Which of the following best describes your security team's view of network encryption? © 2022 Enterprise Management Associates, Inc. 11
  12. 12. @ema_research Organizations That Have Implemented TLS 1.3 12
  13. 13. @ema_research @ema_research Did enabling TLS 1.3 on your organization's enterprise network require a change in your network/security architecture? © 2022 Enterprise Management Associates, Inc. 13
  14. 14. @ema_research @ema_research What benefits has your organization realized by implementing TLS 1.3 within your enterprise network? © 2022 Enterprise Management Associates, Inc. 14
  15. 15. @ema_research @ema_research Is business traffic for employees working remotely encrypted using TLS 1.3? © 2022 Enterprise Management Associates, Inc. 15 Do you require third parties/vendor/contract or connections to use TLS 1.3?
  16. 16. @ema_research @ema_research Has your organization experienced any security incidents/ breaches as a result of the loss of visibility due to the implementation of TLS 1.3? © 2022 Enterprise Management Associates, Inc. 16 At any point during your organization's TLS 1.3 implementation, were you forced to roll back the implementation due to lack of visibility? Did enabling TLS 1.3 on your organization's enterprise network have a negative impact on the user experience from being forced to decrypt traffic?
  17. 17. @ema_research Organizations That Have Not Implemented TLS 1.3
  18. 18. @ema_research @ema_research How would you rate your organization's security concerns about implementing TLS 1.3? © 2022 Enterprise Management Associates, Inc. 18
  19. 19. @ema_research @ema_research Has the adoption of TLS 1.3 by most industry technology vendors impacted your plans not to adopt TLS 1.3? Does TLS 1.3 create more of an operational or security issue for your organization? How concerned are you that TLS 1.3 may break existing security controls? © 2022 Enterprise Management Associates, Inc. 19
  20. 20. @ema_research @ema_research Did the lack of security talent/lack of security resources impact your decision to NOT implement TLS 1.3 in your organization? © 2022 Enterprise Management Associates, Inc. 20
  21. 21. @ema_research @ema_research © 2022 Enterprise Management Associates, Inc. 21 You indicated that your organization would not implement TLS 1.3. Below is a list of potential issues with deploying TLS 1.3. Please rate each reason according to its relevance to your organization.
  22. 22. @ema_research Conclusions
  23. 23. @ema_research @ema_research © 2022 Enterprise Management Associates, Inc. 23 Conclusions Visibility and monitoring considerations remain the biggest obstacle to adoption. Resource and implementation costs are significant. Remote work, regulatory and vendor controls, and improved data security are drivers.
  24. 24. @ema_research @ema_research Get the Report! Learn more and download at http://bit.ly/3VDy3yl © 2022 Enterprise Management Associates, Inc. 24

×