Skip to main content
banner image
venafi logo

PCI SIG Voting Now Open—Vote for Securing Keys and Digital Certificates Proposal

PCI SIG Voting Now Open—Vote for Securing Keys and Digital Certificates Proposal

generic_blog_banner_image
October 14, 2014 | Tammy Moskites

I know that meeting and maintaining PCI DSS compliance is a major undertaking for fellow CISOs and teams, and our collective efforts to do so improve the overall security of our organizations. Yesterday, the PCI SSC opened the voting for the 2015 PCI special interest group (SIG) projects and PCI Participating Organizations can vote through October 24. These PCI SIGs are an opportunity to gain clarity on meeting the PCI DSS requirements more effectively and efficiently, increasing security. Let’s vote for the topics that will provide the most value.

An important proposal addresses the need to better protect digital trust called, Securing Cryptographic Keys and Digital Certificates. This protection has become critical for merchants, financial institutions, and payment processors. Keys and certificates authorize and authenticate servers, devices, software, cloud, and privileged administrators and users—establishing the trust on which our businesses depend. But as we’ve come to rely more heavily on keys and certificates, cybercriminals have made them more of a target. They use unprotected keys and certificates as weapons that authenticate and evade detection, bypassing other security controls.

Controlling requirements for cryptographic keys and digital certificates are contained throughout the PCI DSS for data at rest, data in transit, authorization and authentication. But beyond providing guidance on meeting these requirements, the SIG can provide direction on how to maintain security within particular use cases, including remediating vulnerabilities like Heartbleed and defending against increasing trust-based attacks (think Snowden, the Mask Operation, APT1, and more ). The PCI DSS includes general security requirements for keys and certificates, but organizations also need to know how to defend against real-world threats.

This PCI SIG is an opportunity to pull together the knowledge from merchants, financial institutions, payment processors, QSAs, and security experts to provide invaluable guidance on securing keys and certificates to preserve our trust in digital business communications. To learn more and show your support for the PCI DSS SIG on Security Cryptographic Keys and Digital Certificates, visit www.protecttrust.org and vote in the PCI SSC SIG election today.

 

Cheers!

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

Who Makes Better Cybersecurity Decisions, Men or Women?

4 Important Tips for Mentoring, Coaching and Growing Women’s Roles in Cybersecurity

Cybersecurity needs a new gender playbook

About the author

Tammy Moskites
Tammy Moskites

Tammy is Managing Director, Senior Security Executive at Accenture. She has 30 years of experience and is noted for her expertise leading IT security organizations. She was previously the CIO/CISO of Venafi Inc.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat