Loading images...
Loading images...
Loading images...

Crypto Management – PKI, Certificate Management and other Crypto Challenges

Date Venue Presentations
Wed, Feb 15th, 2012 2:00pm
Wed, Feb 15th, 2012 5:00pm
Orrick, Herrington & Sutcliffe
51 West 52nd Street
New York, NY 10019
Check back after this event.

Cryptographic controls are in the forefront of protecting information, but such controls require appropriate implementation, application and oversight (governance). Such controls may be implemented to ensure the confidentiality or integrity of data in effort to be consistent with leading information security practices; however, many organizations are obligated to comply with industry regulations, state laws or contracts to ensure confidentiality/privacy of specific data.

Cryptographic controls have been consistently bypassed. For example:

Encryption algorithms and methodologies have required evolution given their susceptibility to cracking; Malware in recent years is designed to collect data in system RAM, to bypass encryption controls applied to data both in motion and at rest. More recently, researchers have discovered vulnerabilities in SSL/TLS that allow for the theft of encrypted cookies, which could result in data compromise.

For these reasons it is important to maintain strong cryptographic key management policies/processes, and advance cryptographic controls. This program will focus on cryptographic challenges and the efforts such as PKI implementation that have been adopted to address confidentiality/integrity risks.