Despite knowing the risks, IT security professionals aren’t doing anything about the rampant misuse of keys and certificates let alone the problem of untrusted certificate authorities.
That’s the message of Venafi’s latest report, based on a survey of professionals at Black Hat USA 2015.
Venafi found worrying deficiencies in awareness and the ability to respond to attacks that use certificates in its survey of 300 delegates at the annual conference which was held in Las Vegas, 1 to 6 August.
Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, told SCMagazineUK.comthat the most worrying aspect of the survey was that only a few of those surveyed appreciated the level of risk around certificate authorities, the bodies responsible for issuing and verifying the authenticity of digital certificates.
View full story