This document summarizes a webinar on TLS 1.3 and how it will impact network security and decryption practices. TLS 1.3 enables improved privacy and security but reduces visibility for security teams. The webinar speakers were Paula Musich, a security research director, and Scott Register from Ixia, who discussed the challenges networks will face in decrypting traffic while maintaining performance. A survey found that while adoption of TLS 1.3 is increasing rapidly, many organizations are unprepared for the impact on their security architectures and monitoring capabilities.
Navigating Identity and Access Management in the Modern Enterprise
TLS 1.3: Expert Advice to Modernize Your Security and Decryption Practices
1. Paula Musich
Research Director
Enterprise Management Associates
TLS 1.3: Expert Advice to
Modernize Your Security and
Decryption Practices
IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Scott Register
VP, Product Management
Ixia, a Keysight business
2. Watch On-Demand Webinar
• TLS 1.3: Expert Advice to Modernize Your Security and
Decryption Practices On-Demand webinar is available here:
http://info.enterprisemanagement.com/tls-1.3-expert-advice-to-
modernize-your-security-and-decryption-practices-webinar-ws
• Check out upcoming webinars from EMA here:
http://www.enterprisemanagement.com/freeResearch
4. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Paula Musich
Research Director
Enterprise Management Associates
TLS 1.3: Expert Advice to
Modernize Your Security and
Decryption Practices
10. Where Encryption is Enabled
TLS 1.3
34%
55%
58%
71%
76%
For internally-developed applications
For web services
For email services
Within the data center
Within the enterprise network
11. Where, if at all, does your organization intend to implement
encryption over the following timeframes?
4%
3%
5%
11%
34%
44%
4%
2%
4%
14%
30%
45%
7%
3%
3%
17%
29%
40%
4%
2%
2%
14%
29%
49%
6%
2%
4%
10%
29%
50%
We don’t intend to implement additional encryption
2 years or more
19 to 24 months
13 to 18 months
7 to 12 months
0 to 6 months
Total
For internally-developed applications For web services For email services
Within the enterprise network Within the data center
17. How much will it cost to adapt security
architectures to TLS 1.3?
TLS 1.3
4%
13%
27%
35%
17%
4%
0%
17%
25%
42%
17%
0%
2%
10%
25%
42%
18%
4%
10%
16%
30%
22%
16%
5%
29%
10%
24%
10%
19%
10%
Over $1 Million
$501,000 to $1 Million
$251,000 to $500,000
$101,000 to $250,000
$51,000 to $100,000
Less than $50,000
VL Enterprise Enterprise (All) Midsized SMB Total
20. Key Findings Summary
• The spreading use of encryption in the enterprise is growing rapidly, but
introduces some concerns over the ability to inspect for malware hidden in
encrypted files
• TLS 1.3 enablement is happening much faster than expected
• There is an apparent disconnect between enablement plans and what’s
required to achieve that while maintaining visibility for troubleshooting and
security monitoring
• Greater education is required to bridge that gap