The VeriSign breach, revealed only now, 18 months after it occurred, is exactly what Gartner warned about in a recent report: certificate management is a real problem that most firms do not realize they have.
How did the VeriSign hack occur, how could it have been prevented, and what can companies do to make sure they have a strategy in place to move quickly when a certificate authority they rely on is hacked? If you would like to speak to the world’s leading authority on certificate and key management best practice, Jeff Hudson, CEO of Venafi, is available for comment.
Jeff Hudson, CEO of Venafi, said: “The news revealing that VeriSign was compromised should not be a surprise to anyone. Hackers have been targeting and breaching high-value targets like RSA, Comodo, DigiNotar, and now, add to the list, VeriSign. These targets are all trusted third-party providers of certificates, services, or secure tokens, technologies that are extensively used to authenticate and create trusted relationships on the internet and within organizations worldwide. The inescapable conclusion is that these providers will continue to be compromised. The breaches cannot be stopped.
Let’s face it, these organizations know that they are high-value targets and take extraordinary measures to protect themselves, and yet they are still successfully attacked and breached despite these best efforts.
What does this mean for organizations? 1) A sober recognition of the fact that these kinds of breaches will continue; 2) Organizations must not put all their eggs in one basket. They need to leverage multiple third-party providers. If one is compromised, then they can switch to another that isn’t compromised; 3) Organizations must have recovery plans in place to replace any certificate or service that has been compromised, and get it done within hours, not days or weeks. Ultimately, being prepared with a rapid response is the best response. The foundational question is not if these third parties will be breached, because there is significant evidence that the breaches will continue. The question becomes: how fast can one switch to another service or certificate when the next breach occurs?”
Source: Press release