The protection and secure management of cryptographic keys is crucial for ensuring that cryptography is used in the most effective way to keep data secure. Picking the wrong key management system (KMS) can thwart all the efforts that have been made in using cryptography to protect information.

Recent events throughout the world have evidenced that high-profile hackers and state-sponsored attempts at security breaches have been steadily increasing since 2020. It is becoming rapidly apparent that no sector is immune to becoming a victim of a data breach, including the airline industry, where the safety of crew and passengers is put at grave risk.

This article discusses the misuse of X.509 certificates and keys in the SolarWinds attack and how Cryptomathic CKMS and CSG could help protect against such attacks.

An investigation conducted by "Which?", a consumer watchdog group based in the UK, found serious vulnerabilities in the security of banking security systems, including mobile banking apps.

Cryptomathic’s Signer is the only qualified (electronic) signature creation device (QSCD) that is certified under the SO-GIS agreement using the Common Criteria Recognition Arrangement (CCRA). Its security target is written to strictly conform to the certified protection profile EN 419 241-2.

In this article, we will discuss the Certificate Authority (CA) in the context of eIDAS and what is required of this entity in ensuring the integrity of qualified electronic signatures.

The 2020 Oracle and KPMG Cloud Threat Report focuses on the key risks and challenges organizations face as they implement and maintain cloud solutions. This article highlights some of the report's findings around the growing trust in the security of cloud offerings and asserts why maintaining control of your own critical keys should be considered best-practice when considering migrating to the cloud.

Considering the COVID-19 impact on digitalization, EBA’s updated Guidelines on ICT and Security Risk Assessment will help focus on priority areas, including compliance.

The eIDAS regulation provides both the technical and legal framework for electronic identification and digital signatures that the banking sector needs to fully digitalize its processes and go paperless.