CA agility is on the mind of many cyber security researchers and experts. In my previous post, I discussed the events that have led to this popular topic of industry conversation. However, that post reflects only a portion of the situation.
In this entry, I’ll discuss why certificates continue to be critical to an organization’s cyber security posture. I’ll also offer up proven steps that CISOs and security architects can take to strengthen the agility of their security teams and operations.
While organizations have struggled with implementing certificates in the past, it’s clear the role of certificates is only going become more important in the future. Every machine needs an identity (including, containers, cloud IaaS applications and IoT devices) and digital certificates are the preferred method of identification.
In addition, organizations understand the importance and need for increased privacy. Encryption is a necessity, from the GDPR to defeating government surveillance; more and more network traffic is encrypted. Together, these factors mean that the protection of machine identities is more important than ever.
So how, exactly, should security leaders adapt their strategies to compensate for the challenges the CA industry faces and their own increasing requirements for certificates?
First, organizations need complete situational awareness of all certificates in use. Security teams must have accurate visibility of their entire certificate landscape to be able to make informed changes quickly. Investing in tools that automate this process can help complete these tasks in minutes.
Once visibility is achieved, organizations should complete the steps below to boost their CA agility:
Quickly and precisely identify the location, owner and key characteristics of every certificate issued across all CAs, both internal and external.
Immediately understand which devices, services and applications are effected by each certificate in order to effectively prioritize rotation and remediation.
Use technology that can revoke, replace, renew or rotate certificates at machine speed and scale.
Validate that all certificate remediation complies with security policies and workflows so you can prove that any certificate changes have been completed correctly.
This guidance fits with the model developed by NIST in 2012 for responding to a CA compromise. Could your organization and systems measure up to this maturity test?