Cybersecurity Attacks Increasingly Coming From Misuse of Keys, Certificates, CIO Survey Finds
Private sector chief information officers from the U.S., U.K., France and Germany overwhelmingly said they're wasting millions of dollars on failing cybersecurity tools because they "blindly trust" vulnerable cryptographic keys and digital certificates, a survey from cybersecurity company Venafi found.…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
The survey released Wednesday said that 90 percent of 500 CIO respondents said they have been attacked or expect to be by "bad guys" using encrypted traffic to hide their actions, while 87 percent said security controls are inadequate or ineffective because they don't inspect malicious activity or data exfiltration inside encrypted traffic. Eighty-five percent of CIOs expect criminal misuse of keys and certificates to get worse. Venafi said that organizations don't understand just how important keys and certificates are to cybersecurity. Technology researcher Vanson Bourne conducted the survey of CIOs from the financial services, manufacturing, retail, distribution, transport and other commercial sectors in January.