• Phone
  • Contact us
  • Locations
  • Search
  • Menu

Share

  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Add this article to your Facebook page
  • Email this article
  • View or print a PDF of this page
  • Share further
  • Add this article to your Pinterest board
  • Add this article to your Google page
  • Share this article on Reddit
  • Share this article on StumbleUpon
  • Bookmark this page
.
 
Close this video

UK firms at risk from attacks on crypto keys, digital certificates

Doug Drinkwater | SC Magazine | 31 March 2015

PA’s Sriram Srinivasan, a cyber security expert, is quoted in an article in SC Magazine commenting on a recent study which reveals that digital keys and certificates are in peril, especially at UK organisations.

The article explains that the biggest concern security professionals have is of a ‘Cryptoapolocalypse'-like event, where RSA and SHA encryption protocols are compromised and exploited, although misused enterprise certificates are also a problem.

Sriram says: “Cryptoapocalytic events where fundamental cryptographic algorithms are compromised would have far reaching consequences for businesses and governments world-wide and most businesses are poorly equipped to respond to such an event. 

“Widespread theft of cryptographic keys and the compromise of certificates which underpin the security of modern IT and communication systems such as the recently alleged large scale theft of keys from a global SIM card manufacturer would also fall into the same category if they are in fact true. 

Cybercrime Tipping Point Survey

Cyber crime tipping point survey


DOWNLOAD THE REPORT

“In our experience, most organisations today have policies and standards in place on the use of cryptography. However, with the growing complexity of modern IT systems, there is often a lack of understanding of the full extent of the proliferation of cryptographic keys and certificates within their environments."

Sriram goes on to say: “Organisations also have poor understanding of the consequences arising from a compromise of their keys and certificates and often do not have a view on how they would respond. Too few organisations have robust systems in place for the ongoing inventory and management of keys and certificates. They must also ensure that they have a well-defined strategy supported by senior management to promote the on-going health and security of their cryptographic systems.”

To find out more about how we are helping businesses with cyber security, please contact us now.

Find out more about our work in Digital.

Contact the Digital team

Anita Chandraker

Anita Chandraker

Email

Connect

Kevin O'Shaughnessy

Kevin O'Shaughnessy

Email

Connect

By using this website, you accept the use of cookies. For more information on how to manage cookies, please read our privacy policy.

×