As we look back all the positive attention generated by National Cyber Security Awareness Month, we see some areas that still deserve more focus. Exploits using keys and certificates are one of the fastest growing threat vectors. Yet, surprisingly, many organizations do not realize the impact that managing keys and certificates can have on their security risk posture.
While experiencing unprecedented growth, driven largely by the steady increase of encrypted traffic, keys and certificates are not generating a proportionate level of attention. Granted, most organizations acknowledge the importance of keys and certificates as a necessary element of authorization and encryption. But it’s difficult for many to think ahead to the consequences of their misuse or mismanagement. But when you frame those consequences in terms of compromises or systems outage, ears begin to prick up.
But simply acknowledging the problem doesn’t change how hard it is to keep track of the sheer number of keys and certificates organizations now have to manage. Many still have trouble creating an accurate inventory of their keys and certificates. Yet, without that visibility, it’s nearly impossible to determine if any of their keys and certificates are being misused by cybercriminals.
The privileged access that keys and certificates grant makes them a highly sought after tool of cybercriminals. They determine trust between systems, enabling secure connections and communications within your organization. When cybercriminals misuse that trust through fraudulent or rogue keys and certificates, they hit the trust jack pot. They gain access to systems and privileged information that they can misuse for their gain—and your loss.
Properly managing keys and certificates also helps increase the effectiveness of your organization’s security tools. How? If your security tools cannot access keys and certificates to inspect encrypted traffic, then you will not be able to tell how much of that traffic is legitimate. You may inadvertently be giving cybercriminals a free pass to hide in your encrypted traffic. And your security won’t be able to detect it.
It’s important to protect the weakest link to avoid this type of blind spot and the potential exploits that come with it. So as we close out National Cyber Security Awareness Month, do yourself a favor. Ask the hard questions about how secure your keys and certificates really are. Do you have a complete inventory? Do you know when they are set to expire? Do you know who has access to them? And do you know how they are being used? Then act accordingly.