From darkreading.com
Organizations that have not implemented controls for detecting malware hidden in encrypted network traffic are at risk of having a vast majority of malicious tools being distributed in the wild, hitting their endpoint devices.
A study of threat activity conducted by WatchGuard Technologies using anonymized data gathered from customer networks showed 91.5% of malware detections in the second quarter of 2021 involved malware arriving over HTTPS-encrypted connections. Only 20% of organizations currently have mechanisms for decrypting and scanning HTTPS traffic for malware, meaning the remaining 80% are at risk of missing nine-tenths of the malware hitting their networks daily, WatchGuard said.