"Unencrypted Traffic Still Undermining Wi-Fi Security"

The RSA Conference in February taught us that even cybersecurity professionals must improve their security posture. Cisco and NetWitness' Security Operations Center (SOC) captured 55,525 cleartext passwords from 2,210 unique accounts. In one SOC investigation, a chief information security officer had a misconfigured email client that sent passwords and text in the clear. While the number of cleartext passwords is down from 96,361 in 2020 and more than 100,000 in 2019, there is still room for improvement, according to Jessica Bair Oppenheimer, director of technical alliances at Cisco Secure. The RSA Conference 2022 Security Operations Center Findings Report provides insight into network usage among a security-conscious user group. Cisco and NetWitness both stressed that the wireless network at the RSA Conference is not configured to be secure, but rather to be monitored for educational purposes. As a result, the network has a flat architecture, allowing any device on the network to communicate with any other device. Host isolation, which allows devices to connect to the Internet but not to other devices on the network, is more secure but less appealing. The 2022 RSA Conference had roughly half the number of attendees as the previous conference in 2020, but approximately the same number of network users, according to the report. The main problem was that encryption was not used for the authentication step when using email and other popular applications. According to the report, nearly 20 percent of all data passed through the network in the clear. This article continues to discuss key findings from the RSA Conference 2022 Security Operations Center Findings Report.

Dark Reading reports "Unencrypted Traffic Still Undermining Wi-Fi Security"