According to previous research, a majority of organizations manually manage digital certificates with spread sheets and reminder notes – a rather low-tech solution that leaves them exposed to potential security compromises. The problem cannot be underestimated, as additional data show a dramatic 600% increase in attacks on keys and certificates during the first five months of 2013. In fact, in just one month, Symantec identified over 800 different malware packages designed to steal keys and certificates.
So how does this all relate to APTs, and organizations’ ability to prevent them? The overall lack of management and control over these security features offers up the perfect attack vector for cybercriminals and cyber-espionage, and the cost ramifications for targeted organizations can be staggering – but there are strategies to deal with the problem.
Infosecurity, in partnership with Venafi, brings to you a live webinar later today featuring Dr. Larry Ponemon, founder of the Ponemon Institute, where he will discuss the research firm’s recent report on the costs associated with attacks on these “trust” mechanisms. Join Larry and the panel as they discuss why trust established by keys and certificates are ideal attack targets, how they can be used against your organization, why they are a rich APT attack vector, and advice that can help improve the effectiveness of your APT prevention strategy.
There’s still time to register for this live webinar session today at 1 PM EDT, where (ISC)² members can earn CPE credits for attending. If you can’t make the live session, you can still register to view the on-demand version available shortly after the live session wraps up.