PKI Blog

SCEP Shortcomings

Posted by Ted Shorter on Mar 27, 2017 4:17:51 PM

Despite the documented shortcomings of the Simple Certificate Enrollment Protocol (SCEP), it is still in widespread use today. This is in large part due to the lack of better options when it comes to certificate enrollment – especially when it comes to more limited devices such as mobile phones, tablets, and constrained Internet-of-Things (IoT) devices such as embedded systems, sensors, automotive components, or medical devices. The simplicity of SCEP makes it an attractive choice for implementers that are bent on meeting tight timelines, but this simplicity can come at a cost.

Read More

Topics: SCEP, Simple Certificate Enrollment Protocol

SHA-1 is “Shattered”

Posted by Wayne Harris on Mar 22, 2017 11:41:01 AM

SHA-1 has been in the news (again). We’ve all known that the SHA-1 hash function is cryptographically weak. In fact, CSS has been pointing out the weaknesses of SHA-1 for years now.


Read More

Topics: SHA-1, SHA-2

CSS to Attend RSA 2017, Featuring CMS Sapphire for PKI-as-a-Service (PKIaaS), CMS VerdeTTo IoT Directory Services, and CMS Topaz for Cloud Apps.

Posted by CSS Technical Team on Feb 9, 2017 3:06:59 PM

Planning on attending RSA 2017? Connect with CSS!

Are You Attending RSA 2017? Connect with the Cyber Security Experts at Certified Security Solutions

Certified Security Solutions (CSS) will be attending the 2017 RSA Conference in San Francisco this February. Our full team will be in attendance, and we’re looking forward to getting to know the information security professionals of the community and interfacing with attendees. We will also be featuring our latest solutions that include CMS Sapphire for PKI-as-a-Service, CMS VerdeTTo IoT Directory Services, and CMS Topaz for Cloud Apps and Application Developers.

Read More

Topics: RSA, PKI, IoT

Security Considerations of the Aerospace and Defense Industry

Posted by CSS Technical Team on Feb 3, 2017 10:25:33 AM

Cyber Threats to Aerospace and Defense


 Cyber Threat Conditions in Aerospace and Defense  

As one can imagine, the aerospace and defense industry is full of highly sensitive data. When you consider their primary customers, namely the federal government and federal space programs, it’s no surprise that the kind of information commonly transmitted is extremely classified by nature.

Read More

Topics: PKI, Cyber Security, Cyber Threats, Aerospace

Cyber Threats to Telecom

Posted by CSS Technical Team on Jan 26, 2017 7:17:12 PM

Evolving Challenges of Cyber Security in Telecommunications

The Telecom Threat Environment

For the telecommunications sector, staying up-to-speed with information security challenges is a constant battle. Telecom organizations are expanding their reach and transforming into full-blown technology companies. Such a complex ecosystem for business means that the industry is facing unending IT threats, and will continue to have the need to balance a variety of compliance requirements. In engaging with millions of customers subscribing to services ranging from cable, the Internet, home and mobile phone service, and even data centers, the industry is operating within a heavily risk-laden environment.

Read More

Topics: PKI, Cyber Security

The Threat Landscape of Manufacturing

Posted by CSS Technical Team on Jan 12, 2017 4:14:29 PM

Manufacturing is Contending with a Changing Risk Environment

An Overview of Cyber Threats to Manufacturing

Manufacturing is a widespread industry with a lot of components. Mass production, purchasing, selling, and the information and data management necessary to oversee it all largely make up the inner workings of the day-to-day in manufacturing. All manufacturers today are facing cybersecurity issues, including communication security, internet security, protecting customer information and managing sensitive information such as trade secrets and credit card or financial data through production and control systems. It’s a heavy burden to bear.

Read More

Topics: PKI, IoT, Cyber Security, manufacturing

CSS Research Survey: Digital Identity Insights

Posted by CSS Technical Team on Jan 5, 2017 4:01:19 PM

CSS Presents Cyber Security Survey Results

 
A National Digital Identity Insights Survey

In Q4 2016, CSS Research surveyed information security professionals on their current and anticipated public key infrastructure (PKI) usage, as well as PKI challenges and plans for 2017.

CSS Research surveyed 105 respondents who manage cyber security tools in an evolving digital authentication landscape nationally.

Read More

Topics: PKI, Cyber Security

The Importance of Digital Certificate Management

Posted by Michael Kubach on Dec 22, 2016 3:52:35 PM

How Properly Managing Digital Certificates Enhances Your Security Posture

Digital Certificate Management and Cyber Security Today

Cryptography itself has been around for a while; what’s interesting is how it’s evolved over time. The landscape is changing from back in the day when we had mainframes and large computing power—with everything becoming smaller, and given the proliferation of devices and IoT, that’s a marked shift is happening in the marketplace. More and more digital certificates are being placed onto phones, iPads, Android devices, and even onto objects that simply have Bluetooth connections that require authentication. Large companies that are making Internet of Things (IoT) devices need to know how to secure them. Even cars have network stacks, and thus the need to be able to upgrade firmware.

Read More

Topics: digital certificate, PKI, Cyber Security

Cybersecurity in Retail: Facing the Threats of Today

Posted by CSS Technical Team on Dec 16, 2016 1:41:13 PM

Facing the Cybersecurity Challenges of the Retail Sector

Retail’s Cyber Threat Environment: Debit Cards, Credit Cards, and Surviving as a Popular Target

The Internet, technological evolution, and the “always on, always connected” nature of humanity today certainly enables many convenient capabilities. We can order dinner with the swipe of a finger, reserve movie tickets instantaneously and purchase clothing within seconds. Sure, it’s useful, but the extent to which we’re digitally processing payments today poses quite a few security challenges for the retail sector.

Read More

Topics: PKI, Cyber Security, Retail

5 PKI New Year's Resolutions for 2017

Posted by CSS Technical Team on Dec 12, 2016 11:40:51 AM

CSS Presents PKI Promises for the Security of Next Year

Making 2017 Your Business’ Most Secure Year

2016 was an eventful year for cyber security, from beginning to end. While longstanding security problems remained challenging, many new methods of executing cybercrime emerged and affected businesses throughout all industries, and a number of high-impact attacks glared among headlines throughout the year. 

Read More

Topics: digital certificate management, PKI, Cyber Security

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?