December 9, 2022

Binary Blogger

Are you a 1 or a 0? News, Thoughts and Reviews

Most infosec pros forget to change keys after a breach

2 min read
iStockphoto
Credit: iStockphoto

One of the things that hackers look for when they break into an enterprise is encryption keys and security certificates, but most security professionals don’t know how to respond if the keys are compromised during a breach.

Full Article

This article from CSO Online touches on one aspect of post-breach effort but should highlight a much broader knowledge gap in the Information Security Industry. The problem isn’t what security professionals do or don’t after a breach but shows that there is no industry standard or focused training on what to do if you are breached.

The world today operates under the scary yet accurate motto –

“There are two types of companies. One that has been breached and one that has not discovered they have been breached.”

The point it that every company, by the legal definition of a breach, has lost data in the manner that would be called a breach. You can get certified all day long as a “Security Professional” but we have reached the point of needing to build and educate those certified professionals on how to clean up and reset an environment after a breach has been detected. Such as resetting ALL your encryption keys, which means you need to focus on proper key management in order to do so. From there the list goes on and on and if you don’t you are not closing the entry points that were used to exploit you in the first place or worse, keys and methods taken by hackers to be used again in a new way the next time.

End of line.

Please follow and like us:
Pin Share
Copyright © All rights reserved. | Newsphere by AF themes.

Enjoy this blog? Please spread the word :)

  • RSS
  • Follow by Email
  • Twitter
    Visit Us
    Follow Me
  • YOUTUBE
  • INSTAGRAM
RSS
Follow by Email
Twitter
Visit Us
Follow Me
YOUTUBE
INSTAGRAM