Skip to main content
banner image
venafi logo

PCI SIG Voting Now Open—Vote for Securing Keys and Digital Certificates Proposal

PCI SIG Voting Now Open—Vote for Securing Keys and Digital Certificates Proposal

October 14, 2014 | Tammy Moskites

I know that meeting and maintaining PCI DSS compliance is a major undertaking for fellow CISOs and teams, and our collective efforts to do so improve the overall security of our organizations. Yesterday, the PCI SSC opened the voting for the 2015 PCI special interest group (SIG) projects and PCI Participating Organizations can vote through October 24. These PCI SIGs are an opportunity to gain clarity on meeting the PCI DSS requirements more effectively and efficiently, increasing security. Let’s vote for the topics that will provide the most value.

An important proposal addresses the need to better protect digital trust called, Securing Cryptographic Keys and Digital Certificates. This protection has become critical for merchants, financial institutions, and payment processors. Keys and certificates authorize and authenticate servers, devices, software, cloud, and privileged administrators and users—establishing the trust on which our businesses depend. But as we’ve come to rely more heavily on keys and certificates, cybercriminals have made them more of a target. They use unprotected keys and certificates as weapons that authenticate and evade detection, bypassing other security controls.

Controlling requirements for cryptographic keys and digital certificates are contained throughout the PCI DSS for data at rest, data in transit, authorization and authentication. But beyond providing guidance on meeting these requirements, the SIG can provide direction on how to maintain security within particular use cases, including remediating vulnerabilities like Heartbleed and defending against increasing trust-based attacks (think Snowden, the Mask Operation, APT1, and more ). The PCI DSS includes general security requirements for keys and certificates, but organizations also need to know how to defend against real-world threats.

This PCI SIG is an opportunity to pull together the knowledge from merchants, financial institutions, payment processors, QSAs, and security experts to provide invaluable guidance on securing keys and certificates to preserve our trust in digital business communications. To learn more and show your support for the PCI DSS SIG on Security Cryptographic Keys and Digital Certificates, visit and vote in the PCI SSC SIG election today.


PCI SCC 2015 SIG Proposal: Securing Cryprographic Keys and Digital Certificates



Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Tammy Moskites
Tammy Moskites

Tammy is Managing Director, Senior Security Executive at Accenture. She has 30 years of experience and is noted for her expertise leading IT security organizations. She was previously the CIO/CISO of Venafi Inc.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more