PKI Blog

IoT Security Regulation: Coming Soon?

Posted by Ted Shorter on Aug 7, 2017 3:34:16 PM

Last week, a bipartisan group from the US Senate Cybersecurity Caucus proposed a new piece of legislation called the “Internet of Things Cybersecurity Improvement Act of 2017.”  While the bill has yet to be ratified, it places more intense focus on securing the billions of devices that will be given network and internet connectivity over the next few years. 

Read More

Topics: Internet of Things, Internet of Things (IoT), IoT Security, IoT legislation

How I Lost Control of My PKI

Posted by Ex-PKI Guy on Jun 27, 2017 9:24:02 AM

My alarm signals like an acoustic guitar. I really need to change that sound – it’s starting to get on my nerves. A quick email scan before I begin my morning routine. Justin was finally able to get the domain joined machines in the correct group policy – nice. Next email, a support ticket stating access to the vacation request system was denied. Probably just another user error, I’d get to it later on.

Read More

Topics: Public Key Infrastructure, PKI

The Real Cost of an Expired Digital Certificate

Posted by CSS Technical Team on Jun 22, 2017 1:03:04 PM

The average global 5,000 company spends about $15 million to recover from a certificate outage. These estimates are based on a Ponemon survey of about 2,400 global respondents which include remediation costs, loss of productivity, lost revenues, and brand image damage.

Read More

Topics: digital certificate, Public Key Infrastructure, PKI, Digital Identity Management, Unplanned Outages

Reflections on the 2017 Thales Data Threat Report

Posted by CSS Technical Team on Jun 2, 2017 1:40:54 PM
Trends in Encryption and Data Security Include Major Implications for the IoT

Key Trends of the 2017 Thales Data Threat Report

The Global Edition of the 2017 Thales Data Threat Report featured a number of trends in the data set which are noteworthy for enterprises invested in the IoT, as well as cloud security. The 2017 report is based on a survey of over 1,100 security executives across the globe, and emphasizes the security impacts of advanced technologies, including cloud, big data, IoT, and containers.

Read More

Topics: Thales e-Security, Encryption, IoT Security, Data Security

Layering Certificate-based Authentication Security onto ThingWorx IoT Platform

Posted by CSS Technical Team on May 19, 2017 1:59:29 PM

Congratulations, you’ve chosen ThingWorx to launch and manage your IoT devices, applications and data. Your goals are clear, your code has been tested and the connections are ready to engage. Unfortunately, you’ve forgotten a critical component that will sadly cause your entire project to fail.

Added layers of security, specifically unique device key authentication.

Read More

Topics: IoT, Internet of Things (IoT), PKI for IoT, Cyber Security, ThingWorx

How Will Blockchain Impact PKI?

Posted by Ted Shorter on May 18, 2017 8:49:05 AM

As CTO at Certified Security Solutions, I’ve been asked the question more and more lately, how will Blockchain impact PKI?”  

There’s so much mysticism around Blockchain technology today that it can become difficult to separate the reality from the hype, and the logical conclusions from wild speculation.  Nonetheless, digital certificates, and other identity-related technologies such as Public Key Infrastructure (PKI), Federation and OAuth are a core component of many systems today, so it’s logical to examine how a disruptive technology such as Blockchain will affect these technologies.

Read More

Topics: blockchain help, blockchain security, blockchain, blockchain pki, what is blockchain, public key infrastructure blockchain

Google Chrome Version 58: Short and Long Term Fixes

Posted by CSS Technical Team on May 5, 2017 2:02:23 PM

With Google’s recent Chrome 58 version update, your Public Key Infrastructure (PKI) may suddenly be impacted. Your formerly-compliant HTTPS certificates may no longer be working. CSS is here to explain what has changed, why has it changed and how to identify which certificates may be impacted. We will look at a temporary Google Chrome work around and view best practice security settings to adopt when working with SANs (Subject Alternative Name) certificates.

Read More

Topics: expired certs, Public Key Infrastructure (PKI), Google Chrome Version 58, CRL Monitoring, Certificate Provisioning, PKI for chrome

SCEP Shortcomings

Posted by Ted Shorter on Mar 27, 2017 4:17:51 PM

Despite the documented shortcomings of the Simple Certificate Enrollment Protocol (SCEP), it is still in widespread use today. This is in large part due to the lack of better options when it comes to certificate enrollment – especially when it comes to more limited devices such as mobile phones, tablets, and constrained Internet-of-Things (IoT) devices such as embedded systems, sensors, automotive components, or medical devices. The simplicity of SCEP makes it an attractive choice for implementers that are bent on meeting tight timelines, but this simplicity can come at a cost.

Read More

Topics: SCEP, Simple Certificate Enrollment Protocol

SHA-1 is “Shattered”

Posted by Wayne Harris on Mar 22, 2017 11:41:01 AM

SHA-1 has been in the news (again). We’ve all known that the SHA-1 hash function is cryptographically weak. In fact, CSS has been pointing out the weaknesses of SHA-1 for years now.


Read More

Topics: SHA-1, SHA-2

CSS to Attend RSA 2017, Featuring CMS Sapphire for PKI-as-a-Service (PKIaaS), CMS VerdeTTo IoT Directory Services, and CMS Topaz for Cloud Apps.

Posted by CSS Technical Team on Feb 9, 2017 3:06:59 PM

Planning on attending RSA 2017? Connect with CSS!

Are You Attending RSA 2017? Connect with the Cyber Security Experts at Certified Security Solutions

Certified Security Solutions (CSS) will be attending the 2017 RSA Conference in San Francisco this February. Our full team will be in attendance, and we’re looking forward to getting to know the information security professionals of the community and interfacing with attendees. We will also be featuring our latest solutions that include CMS Sapphire for PKI-as-a-Service, CMS VerdeTTo IoT Directory Services, and CMS Topaz for Cloud Apps and Application Developers.

Read More

Topics: RSA, PKI, IoT

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?