It can ensure they comply with needing to pry
Networker Colt Technology Services is working with technology partner Venari Security to oversee into encrypted traffic on its comms infrastructure, in order to secure its clients and help them meet complex regulatory requirements. “Neither Colt or Venari has visibility into the data of its customers. The solution works by running across our customers’ networks – not Colt’s or Venari’s,” according to Colt, which explained the workings of the the partnership with this analogy. “If it were a padlocked box with confidential papers inside, we would simply be examining the padlock itself for how secure it makes the box, and managing the box’s journey to its next destination.” The Colt IQ Network connects 222 cities and 32 countries with 1001 data centres, 51 Metropolitan Area Networks and 31,000 buildings across Europe, Asia and North America’s largest business hubs. Colt will integrate Venari’s encrypted traffic analysis (ETA) system VigilanceAI into its existing network service for enterprises.
Unparalleled
Venari claims to have ‘unparalleled insight and visibility’ on the active use of encryption across a client’s cloud, regulated and third-party environments. This means Colt customers can maintain strong encryption standards while supporting data privacy in transit. By providing this validation and visibility, Colt’s customers can obviate risk and minimise ‘attack surfaces’. Colt has not deployed Venari’s products on Colt’s infrastructure no decryption takes place. If the customer chooses the service, it only checks the configuration of the encryption on the customer’s network.
Regulation inflation
“Regulated industries and global organisations face significant challenges meeting country-specific and regulatory obligations and Venari lets businesses measure, monitor and meet them,” said Mirko Voltolini, VP Innovation, Colt Technology. The other problem for clients is that compliance regulations are a moveable, expensive feast. “In recent years we have seen a significant change in regulatory and privacy laws requiring data to be encrypted in transit,” said Voltini.
A sense of security
The majority of organisations have reported one or more cybersecurity incidents in the last 12 months. Forrester’s April, 2023 “Top Cybersecurity Threats in 2023” report put the number at 74%. In response, the VigilanceAI systems uses artificial intelligence to create two solutions to the problem, V-Comply and V-Detect. Colt will be integrating both into its offering, enabling it to provide a thorough ‘TLS attack surface review’ as part of the security hygiene service it routinely offers customers. Clients face significant financial penalties and reputation damage by not meeting privacy and regulatory compliance, said Hiten Mistry, chief revenue officer at Venari Security.
AI understands
The rise of quantum computing could make things even worse, and this is where preparation begins. “Our system understands their encrypted communications, highlights risk and meets all obligations over encryption,” said Mistry, warning that: “Organisations need omniscience over their encrypted comms to plan for a post-quantum era.” Maintaining encryption on data in transit whilst simultaneously being able to understand potential malicious activity is a tough balancing act. But the fine line has to be navigated to protect and demonstrate compliance, according to Maxine Holt, Senior Director of Cybersecurity at analyst Omdia.