Enterprises and Government bodies continue to rely on outdated TLS certificates, according to a security advisory published by the US National Security Agency. Earlier this week, the Dutch NCSC released a similar alert, to bolster encryption for public sector bodies that up till now has left them open to attacks and created a ‘false sense of security’.
Web browsers have been gradually moving away from TLS 1.0 and 1.1, but the shift has been slower for the public sector, and various national cybersecurity agencies are being forced to act.
Experts Comments
Submit Your Expert Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.Be part of our growing Information Security Expert Community (1000+), please register here.
These protocols and algorithms advised against are widely known to be insecure, so it is concerning that the NSA still feels it’s necessary to advise against their use. This warning underscores the need for better certificate agility in today’s enterprise. Certificate automation platforms can reduce the risk of breach of outage by enabling the discovery, monitoring, and renewal of TLS certificates automatically.
Linkedin Message
@Tim Callan, Chief Compliance Officer, provides expert commentary at @Information Security Buzz.
"Certificate automation platforms can reduce the risk of breach of outage...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/nsa-and-dutch-ncsc-warn-outdated-tls-certs
Facebook Message
@Tim Callan, Chief Compliance Officer, provides expert commentary at @Information Security Buzz.
"Certificate automation platforms can reduce the risk of breach of outage...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/nsa-and-dutch-ncsc-warn-outdated-tls-certs