-
Blog Post Mar 13, 2019
63-Bit Password Emphasizes Role of Automation in Enterprise PKI
Industry PKI experts recently discovered a flaw in certificate generation practices that employ the commonly used EJBCA CA tool, which can result in serial numbers with 63 bits of entropy as opposed to the 64 bits required by public certificate guidelines. Episodes like this one put a spotlight on the value of automation in certificate practices. Automated capabilities enable the consistently correct maintenance, revocation, and replacement of a large number of certificates with little human interaction required.
-
Blog Post Mar 12, 2019
New Research Regarding Online Criminal Marketplaces for Certificates
A recent study by Georgia State University suggests that criminal online marketplaces feature a steady supply of TLS / SSL certificates from all major public CAs. Sectigo is eager to work with researchers like these and others to help reveal criminal activity and create strategies to mitigate its effectiveness without preventing legitimate business from benefiting from public certificates.
-
Blog Post Mar 04, 2019
S/MIME 101: Maintaining DFARS Compliance Using S/MIME
Supplementing the original Defense Federal Acquisition Regulation to mandate encryption of all data at rest or in transit, DFARS creates a security baseline that must be met by all contractors. Since email is just as indispensable to defense contractors as it is to any other industry, this means that effective encryption tools must be set in place before doing business with the government.
-
Blog Post Mar 01, 2019
Authentication Is Not for the Party Being Authenticated
Many people would be surprised to learn that the purpose of digital certificates is not to enable encryption. Our IT systems are frequently engineered not to enable encryption unless certificates are in place (most obviously when connecting to a web site using a popular desktop or mobile browser), but that decision is in recognition of the original purpose of certificates, which is to authenticate the identity of a participant in a digital transaction.
-
Podcast Feb 19, 2019
Root Causes 07: Russian Disconnection from the Internet
Russia plans to disconnect from the internet as a trial exercise for full-blown cyber warfare. Learn some of the problems facing Russia if they disconnect.
-
Podcast Feb 19, 2019
Root Causes 06: Quantum-Resistant Cryptography
The pending Quantum Apocalypse requires that we replace the hashing and encryption algorithms used throughout the internet and connected devices.
-
Blog Post Feb 15, 2019
Spear Phishing Attack Prevention with S/MIME
Protect your emails from spear phishing attacks with S/MIME certificate technology & learn how to recognize the warning signs of a security breach.
-
Blog Post Feb 11, 2019
Email Security Threats & How S/MIME Helps
How S/MIME (Secure/Multipurpose Internet Mail Extensions) technology protects against email security vulnerabilities while adhering to regulations.
-
Podcast Feb 07, 2019
Root Causes 05: Cryptographic Quantum Apocalypse
The world's cryptographic schemes are in danger. To prepare for the "Quantum Apocalypse" we will need to replace our schemes with a new set of ciphers.
-
Podcast Jan 25, 2019
Root Causes 04: Australia's New IT Security Back Door
Australia now requires a back door to IT systems. Join our PKI experts to learn about the dangers of such a system and why such back doors have failed in the past.
-
Blog Post Jan 22, 2019
Regulators Are Levying Early Fines for GDPR Violations
We have seen the first major fine hit a company for failing to meet GDPR data privacy requirements in Europe, and it’s a doozy. French data regulator CNIL has fined Google 50 million euros for its advertising personalization practices.
-
Podcast Jan 16, 2019
Root Causes 03: US Government Shutdown and Security Vulnerabilities
The US government shutdown has taken its toll on IT systems. Tune in to learn more about the risks of the ongoing shutdown to government infrastructure.