Should Your Information Security Department Be Allowed To Decrypt Incoming and Outgoing SSL Traffic?

Advances in technology have allowed organizations to monitor increasing volumes of information and even inspect encrypted traffic on the fly. The question now becomes, "Should your information security department be allowed to decrypt incoming and outgoing SSL/TLS traffic for the purpose of reducing risk to the university?" Join our moderator and referee Eric van Wiltenburg to help keep Dave Kubert and Hugh Burley honest for this full on, drop the gloves debate.



Dave Kubert

IT Security Officer, University of Northern British Columbia

Hugh Burley

Manager, Information Security, Thompson Rivers University

Eric van Wiltenburg

Manager, Information Security, University of Victoria