Postbank Data Breach & the Importance Of Managing Cryptographic Keys – Expert Source

Postbank, the banking division of South Africa’s Pat Office, recently reported that a rogue employee stole 36-digit master keys used to protect the bank’s systems.  The result: 25,000 fraudulent charges valued at 56 million Rand (3.2 million US dollars) and 1 billion Rand (58 million US dollars) to replace all credit and ATM cards issued by the bank.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Chris Hickman
Chris Hickman , Chief Security Officer
InfoSec Expert
June 18, 2020 10:51 am

This event serves as a great reminder of the catastrophic consequences even a single compromised key can cause for an organization.

Most organizations lack the tools, focus, skillsets and budget to effectively manage cryptographic keys. However, every organization needs to be looking for every key so that it can be managed and audited. Rarely do breaches and compromises happen to assets that are constantly monitored and watched; it’s those assets not being managed that most commonly lead to breach.

Proper key management has risen past the level of simply serving as a checkbox on a security questionnaire. It is, and will continue to be, a business-critical, strategic initiative. Put simply: the investment in key management is a drop in the bucket compared to the business, brand and financial cost of a breach or compromise.

Last edited 2 years ago by Chris Hickman
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x