In response to the news that Microsoft is planning to increase its use of encryption of customer data sent over the internet in a bid to thwart the pervasive internet surveillance being practised by the US National Security Agency (NSA) and the UK’s GCHQ, Amichai Shulman, CTO of Imperva has made the following comments:
“I think that if there’s one thing that the information leaked by Snowden proves (as well as the leak itself) is that threats (by NSA or others) are far from being related to merely encrypting traffic on the web. In fact, anyone who has not been encrypting web traffic on the web for the past 15 years should have assumed some compromise of the information. Enterprises who do displace large amounts of data over the Internet without using encryption should have expected leakage one way or another (even accidental). I think that the “news worthy” items leaked by Snowden are those that show how NSA (and others) can work their way AROUND encryption by going inside organizations through servers or end stations. I think that the true response for these emerging threats is to obtain a better control of our data sources and timely detection of their abuse by intruders.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.