Last year at Black Hat we had an interesting conversation with Tammy Moskites from Venafi. Although Tammy is both the CIO and CISO of Venafi the conversation did not focus on that company or the product as a whole. Instead we talked at length about trust and controlling the keys to data and devices. This conversation is still a very important one as continue to see attacks and vulnerabilities in the systems that control access to and the encryption of important data.
Have you ever lost your keys and had that moment of panic where you are not sure who might have them? This is not a good feeling. You do not know if someone has them and might use them to gain access to your things. This is the same feeling that should be running through the minds of every IT security professional right now when they think about their certificates and keys, but sadly this is just not happening. The reason that there is not more concern is that far too many even realize just how vulnerable they are.