Cyber Defense eMagazine June 2020 Edition
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
spreadsheet-based tracking and manual processes. While well-meaning, the combination of complex<br />
ecosystems and manual processes almost always lead to undocumented installations and risk exposure.<br />
Like any IT security initiative, the best place to start is with an updated system audit to help you assess<br />
where your tools and processes rank in terms of efficacy and security. Regardless of the program you’ve<br />
got in place Gartner suggests program managers conduct a periodic evaluation of certificate usages,<br />
volume and expected use-case expansion. Inevitably more use cases mean more risk - security and risk<br />
managers should consider a certificate management solution over spreadsheet-based methods.<br />
Still think spreadsheets are the right tool for your organization? Here are five reasons to reconsider<br />
spreadsheets as your primary certificate management tool:<br />
By 2022, organizations that leverage X.509 certificate management tools will suffer 90% fewer certificaterelated<br />
issues and will spend half the time managing these issues, compared with organizations that use<br />
spreadsheet-based management methods. ~ Gartner<br />
Gartner cited a certificate management tool vendor who recently pointed out that when it observes clients<br />
executing on a discovery process, clients typically see five to 10 times more certificates in their<br />
environment than expected.<br />
Reason #1: Spreadsheets don’t scale<br />
Spreadsheets can’t natively scale alongside your Public Key Infrastructure (PKI) program and its growing<br />
number of digital certificates. The manual effort required to maintain spreadsheets never decreases,<br />
especially as new certificates are regularly deployed on the network. Growing certificate counts and<br />
shorter validity periods make spreadsheet-based tracking infeasible for most organizations today.<br />
Reason #2: Spreadsheets aren’t audit-ready<br />
To prove compliance, you need to be able to demonstrate that you have complete visibility to all digital<br />
certificates, detailed information about the algorithms they use, where they were issued from, where<br />
they’re installed, who owns them and what applications rely on them. It’s next to impossible to capture<br />
that level of detail and updates with a manual spreadsheet.<br />
Reason #3: Spreadsheets lack automation<br />
Many organizations underestimate the care and feeding required to continuously manage their<br />
certificates. The issuance process alone typically takes three to six hours which includes generating a<br />
key pair on a server, exporting the public key, ensuring certificate authority certification (thereby<br />
converting it into X.509 certificate format), installing it, verifying that it’s active and finally returning the<br />
server to live operation. That doesn’t account for time spent continually tracking down assets with<br />
certificates, general maintenance and updates.<br />
Reason #4: Spreadsheets create visibility gaps<br />
It’s not the certificates you track that will cause your next outage - it’s the one’s you haven’t yet discovered.<br />
Spreadsheets only allow you to account for and track the certificates you know about. The reality is that<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> –<strong>June</strong> <strong>2020</strong> <strong>Edition</strong> 101<br />
Copyright © <strong>2020</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.