Skip to main content
banner image
venafi logo

What Happens When You Neglect Encryption and Cybersecurity? [Encryption Digest 53]

What Happens When You Neglect Encryption and Cybersecurity? [Encryption Digest 53]

encryption-cybersecurity-hacks-encryption-digest-53
December 4, 2020 | Alexa Hernandez

It’s not uncommon for businesses to assume that a small team manually looking after certificates is sufficient, and that certificate-related outages or theft of cyber data is the type of thing that happens to other companies. But it’s just as easy for large organizations to have the same challenges with expiring certificates.

Recent events demonstrate that businesses and websites of any scale are vulnerable to attack when the proper measures aren’t taken. From governmental encryption vulnerabilities to cybersecurity breaches, neglect and complacency can lead to disaster. Allow these cautionary tales to encourage you to start investing in machine identity management today!

South Africa’s Cybersecurity Hub Exposed by Expired Certificate for a Week

The Cybersecurity Hub is South Africa’s governmental security hub, which plays the vital role of handling cybersecurity threats that South Africa’s residents report in. So it’s not unreasonable to expect that the website would follow security best practices to act as a beacon to those that it serves. One of those best practices is to maintain security certificates that safeguard the connection between a website and a web browser with encrypted keys. If one of those certificates expires, then it can jeopardize protection, as when expired certificates at Equifax contributed to the company’s notorious breach. Granted, renewing certificates can be a challenge with certificate lifecycles now shorter than ever. The Cybersecurity Hub security certificate expired on November 12th and wasn’t resolved until November 19th, a week later.

What could cause this type of security gap in a government-run website? As Venafi experts often point out, one of the biggest challenges with certificate management is maintaining a living record of not only when certificates expire, but where they are located and what they do. Depending on the size of your network, it could take a little while you diagnose and address expired certificates, as was the case with South Africa’s Cybersecurity Hub. This is one of many reasons that machine identity management is a game-changer for any organization, and automating your certificate management can ensure that certificate-related outages really won’t impact your website.

Healthcare Privacy Standards Are Shockingly Low

The U.S. Department of Health & Human Services Breach Portal reported that 418 HIPAA breaches were reported in 2019, compromising the protected health information (PHI) of nearly 35 million Americans. This seems staggering for an industry that should be entirely dedicated to the protection of privacy, and has been mandated to do as much via the 1996 Health Insurance Portability Accountability Act.

It turns out that while the regulations laid out by healthcare companies may seem adequate on paper, they fall short in failing to account for human error. For example, when a healthcare employee’s unencrypted laptop was stolen, the PHI of nearly 4,000 patients were stolen and accessible to malicious third parties. Hospitals have also been guilty of incorrectly disposing of documents and having patient PHI stolen right out of the garbage.

The bottom line is that encryption is terribly important. That being said, there are tangible steps healthcare companies can take to improve compliance with security guidelines. An in-house compliance professional can ensure that access to emails and attachments containing private patient information is restricted to only necessary parties, and block the use of personal and unencrypted devices for official communications.

 

Related posts

 

Like this blog? We think you will love this.
image representing big data
Featured Blog

Le chiffrement homomorphe : Définition et utilisation

Qu'est-ce que le chiffrement homomorphe ? Le

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies
eBook

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Alexa Hernandez
Alexa Hernandez

Alexa is the Web Marketing Specialist at Venafi.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more