Distributed vs Centralized Key Management

The need for mitigating risk with an appropriate key management system (KMS) is critical to the success of any organization that shares sensitive data across networks.

Here is a breakdown of two common types of KMSs and how risk mitigation can be successfully accomplished.

Read more

Differentiating between managing the lifecycle of cryptographic keys, protecting the keys and using the keys

The modern world of cybersecurity can be a confusing place. There are tomes of data, regulations, and mandates in addition to the complex technical aspects. This is especially true when it comes to crypto key management systems (KMSs).

Read more

What is a Crypto-Abstraction Layer?

A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library- that hides cryptographic details from program developers that they don’t need to know about (such as the brand of hardware they are using for their source of random numbers). They are essential in the world of InfoSec because those who are expert developers are not usually expert cryptographers or even security personnel and so they need all the help they can get when it comes to implementing cryptography.

Read more

How to Improve HSM Usability

In this article we will explore some of the reasons why HSMs can be difficult to use and look at a novel solution that helps to overcome these problems.

Read more

The benefits of an automated and centralized key management system

The aim of this article is inform you on how to implement proper key management and to answer 3 important questions regarding centralized and automated key management:

  1. What is Centralized Key Management?
  2. How can a centralized system help meet regulatory compliance?
  3. How can automation further improve the life cycle management of keys?
Read more

How to Reduce Cryptography-Risks related to PCI DSS

The payment card industry data security standard (PCI DSS) calls for all financial institutions and merchants to protect their clients’ sensitive data, which typically includes the use of strong cryptography as dictated by PCI DSS requirement 3. Most organisations empty this burden on the IT department or IT management teams and hope all their compliance is covered. However, in most cases when there is a data breach, the burden lies on the shoulders of the C-level management, who are left to answer to the difficult questions.

Read more

Trends in Cryptography Part 3 – HSMs and Cloud Computing

In this final part of the series, we look at how cloud computing will impact the use of cryptography and at the future of HSMs; and finally, we reflect on what you can do to be ready for the advances in cryptography that lie ahead.

Read more

Trends in Cryptography Part 2 – Blockchain, IoT and Quantum Technology

As part 2 of this 3-part series, here we look at new applications such as blockchain and IoT, as well as the impact of quantum technology.

Read more

Trends in Cryptography Part 1 – Algorithms and Encryption

Cryptography has come a long way since ancient times, and the pace of development has been especially quick over the last 2 decades. Indeed, many fundamental aspects of our modern world – finance, communications, e-commerce, national security – are built on the bedrock of cryptography.

Read more