Hi [[ session.user.profile.firstName ]]

The Impact of Unsecured Digital Identities- 2020 Ponemon Institute Report

Enterprises increasingly rely on cryptographic keys and digital certificates – known as digital identities – to protect critical data and connections across their business. But as the number of digital identities multiplies, from hundreds to tens or even hundreds of thousands, so does the complexity of managing and securing them at massive scale.

The 2020 Keyfactor-Ponemon Institute Report on the Impact of Unsecured Digital Identities reveals what happens when PKI and cryptography practices aren’t at their best – when mismanaged keys and certificates disrupt operations and undermine trust in the business.
Join industry expert Larry Ponemon and Keyfactor Chief Security Officer (CSO) Chris Hickman to learn more about what they’ve uncovered, the real impact of mismanaged keys and certificates, and how to build a business case for investment in your PKI strategy.
Get in-depth insights to understand why:

-73% of organizations still experience unplanned downtime and outages due to mismanaged digital certificates
-74% of respondents say they do not know how many keys and certificates they have across their business
-Only 38% of respondents say they have sufficient IT security staff dedicated to their PKI
Recorded Mar 5 2020 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Larry Ponemon, Ponemon Institute & Chris Hickman, Chief Security Officer, Keyfactor
Presentation preview: The Impact of Unsecured Digital Identities- 2020 Ponemon Institute Report

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations Aug 17 2021 5:00 pm UTC 45 mins
    Ted Shorter, CTO, Chris Hickman, CSO, Lee Christensen, Technical Architect, & Will Schroeder, Technical Architect
    Microsoft Active Directory (AD) PKI is widely used by enterprises today, yet it has largely flown under the radar of attackers and defenders – until now. Recent research by SpecterOps reveals common user misconfigurations in AD CS that, if left unchecked, create serious security blindspots that attackers can abuse for credential theft, domain escalation, and persistence.

    Join leading Red Team & PKI Experts from SpecterOps and Keyfactor as they discuss the findings of the report, “Certified Pre-Owned: Abusing Active Directory Certificate Services.”

    In this discussion, they’ll cover:

    -What AD CS is and how it works
    -Common AD CS misconfigurations
    -PKI architecture and implementation flaws
    -Defensive advice and best practices to mitigate attacks
  • Preparing for Crypto-Agility: The Top 10 PKI Metrics You Should Care About Aug 12 2021 5:00 pm UTC 45 mins
    Sami Van Vliet, Principal Product Manager and Ryan Yackel, VP of Product Marketing
    Are your PKI operations running as smooth as butter? If your answer is no, then this webinar is just what you need to learn how to accurately analyze the health of your crypto-agility readiness.

    Most organizations aren’t aware of how many certificates and keys they have under management, or worse, not under control. Without an accurate inventory, organizations will experience more outages and have a greater risk of an attack or failed audit. But, getting an inventory is just the tip of the iceberg when it comes to the PKI and certificate management reporting metrics that matter.

    Join Sami Van Vliet, Principal Technical Product Manager, and Ryan Yackel, VP of Product Marketing, as they share practical advice for tracking your machine identities.

    You’ll learn:

    -Why identifying key metrics is important to your PKI operations running smoothly
    -What metrics are worth tracking when it comes to machine identity management
    -How to create a baseline for must-have metrics
  • How PKI, Crypto and Machines make the Digital World Go Round Aug 5 2021 5:00 pm UTC 45 mins
    David Mahdi - VP, Analyst, Security & Privacy at Gartner
    Cryptography is now critical infrastructure for digital business as it is the foundation for digital trust. As the world digitally transforms non-human or machines will rise to conduct and transact critical elements of business and society. Yet, all of this hinges on PKI, and cryptography; and it must be orchestrated, managed and automated. For years, many security leaders have struggled to manage all the mission critical systems that rely on cryptography. And with new use cases such as cloud, DevOps, and RPA, the situation is further complicated making life even more difficult for security and IT leaders. Join this session to learn how and why cryptography is now critical infrastructure.
  • Scaling PKI in the Cloud with Keyfactor & Google CA Service Recorded: Jul 27 2021 28 mins
    Gary Noe, Sr. Intergration Engineer and Ryan Sanders, Sr. Product Marketing Manager
    Google Cloud’s Certificate Authority Service makes it easy for DevOps and Infrastructure teams to rapidly issue certificates into the cloud, without the complex PKI setup. However, the next challenge becomes how to manage these certificates at massive scale.

    Keyfactor integrates directly with Google CA Service to provide real-time inventory, monitoring, and automated workflows for every certificate. That means your teams can be more productive, avoid preventable outages, and streamline PKI management as you scale up.

    Join Gary Noe, Sr. Integrations Engineer, and Ryan Sanders, Sr. Product Marketing Manager, for a 30-minute discussion and live demo of the Keyfactor CA Gateway for Google CA Service.

    In this webinar, we’ll cover:

    -The challenges of managing CAs in hybrid and multi-cloud environments
    -How to leverage Keyfactor and Google for highly scalable, hybrid PKI
    -A live demo with Google Cloud CAS and Google Cloud Load Balancer
  • Securing Devices with Cloud PKI: Your Questions Answered by IoT Security Experts Recorded: Jul 20 2021 33 mins
    Ellen Boehm, VP of IoT Strategy & Operations and Damon Kachur, Senior Director
    The Internet of Things (IoT) is transforming the world we live in at a rapid rate – and it isn’t slowing down. Billions of network-connected devices are deployed into mission-critical environments such as medical devices, industrial and manufacturing control systems, and built-in vehicle sensors.  

    As more stringent customer requirements emerge and the regulatory landscape evolves, manufacturers must address security concerns like authentication, data encryption, and integrity of software and firmware on their devices. Ensuring that IoT solutions meet these key requirements is not only critical for today’s threats, but also for future product and security lifecycle challenges.  

    With the emergence and continued growth of IoT, Public Key Infrastructure (PKI) has become an instrumental tool in securing the next generation of industrial and consumer-connected devices.  

    Join Ellen Boehm, VP of IoT Strategy & Operations at Keyfactor, and Damon Kachur, Senior Director at PrimeKey, as they take your questions live and discuss: 
     
    -Digital transformation and what it means for device manufacturers 
    -Changes in the regulatory landscape and what security standards manufacturers should be aware of to continue deployment of their connected devices 
    -How embedding security in connected devices using cloud-based PKI can become a competitive advantage for your business
  • Real-World Machine Identity Management in Action Recorded: Jun 23 2021 31 mins
    Toby Gaff, Director of Solutions Engineering & Ryan Yackel, VP of Product Marketing
    From IoT and mobile devices to software-defined applications, cloud instances, containers, and even the code running within them, machines already outnumber humans. The criticality of machine identity management propelled Gartner to recognize it as a new category in their 2020 Hype Cycle for Identity and Access Management Technologies report:

    “This is a new profile that reflects an increased need to manage cryptographic keys, X.509 certificates that are used to establish trust in the identities of machines, such as IoT devices, virtual machines, containers, and RPA bots”, said Ant Allen, Gartner Analyst.

    With the emergence of machine identity management as an industry-recognized term, it is more crucial than ever for organizations to manage and protect these identities.

    To see real-world Machine Identity Management in action, join Ryan Yackel, VP of Product Marketing, and Toby Gaff, Director of Solutions Engineering, for a demo and discussion of how Keyfactor Command enables full visibility, control, automation and orchestration.

    In this 30-minute webinar, you’ll learn:

    -How to get a continuous inventory of your machine identities
    -How to automate identity lifecycle
    -How to extend machine identity management with other tools (e.g. HashiCorp Vault, Istio)
  • PKI for IoT: How to Secure Connected Devices from Design to End-of-Life Recorded: Jun 16 2021 46 mins
    Ellen Boehm, VP of IoT Strategy & Operations, Keyfactor; Ryan Sanders, Sr. Product Marketing Manager, Keyfactor
    Companies are now deploying billions of network-connected devices into mission-critical environments, such as medical devices, industrial, and manufacturing control systems.

    However, as more stringent customer requirements and regulations emerge, manufacturers must address security concerns, such as authentication, data encryption, and integrity of software and firmware on their devices.

    With the emergence of IoT, PKI has become an instrumental tool in securing the next generation of industrial and consumer-connected devices. In this session, Keyfactor’s VP of IoT Strategy and Operations, Ellen Boehm, and Senior Product Marketing Manager, Ryan Sanders, will discuss:

    Security challenges that IoT developers and device manufacturers face
    How PKI can address challenges with complex supply chains and product lifecycles
    Considerations for design, deployment and management of PKI for IoT devices
  • Achieve IAM Agility for Machine Identities Recorded: Jun 16 2021 43 mins
    Ted Shorter, CTO & Co-Founder, Keyfactor and Sean Ryan, Senior Analyst - Security & Risk, Forrester
    The IAM practices of long-standing organizations were built for rigid structure and slow, predictable changes. The seismic shift to dynamic workloads, rapid change, agile business, and the like puts tremendous strain on these systems. This is especially true for the massive scale and high velocity of machine identities, which are growing exponentially across organizations. We will reveal the underlying problems with managing machine identities and propose strategies and tactics to overcome operational challenges and security risks.
  • Navigating Vehicle and IoT Security: Your Questions Answered by Crypto Experts Recorded: Jun 9 2021 30 mins
    Ellen Boehm, VP of IoT Strategy and Chris Conlon, Engineering Manager
    Securing vehicles is hard – perhaps harder than just about any other device. Don’t take our word for it. A simple internet search reveals that all major automobile manufacturers have experienced a vehicle security exposure.

    Join Keyfactor and wolfSSL for a Live Q&A with VP of IoT Strategy, Ellen Boehm, and Engineering Manager, Chris Conlon, as they discuss embedding strong cryptography into vehicle and IoT devices:

    -Unique security challenges that engineers face when securing connected vehicles
    -Address the role that cryptography plays in securing vehicles
    -Practical advice on how these same principles can improve security for other connected IoT devices where high assurance and scalability are a must
  • Biden's Cybersecurity Executive Order: Your Questions Answered by Crypto Experts Recorded: May 26 2021 30 mins
    Ellen Boehm (VP of IoT Strategy & Operations), Ted Shorter (CTO & Co-Founder), Tomas Gustavsson (CTO & Founder of EJBCA)
    There has been an awakening for the importance of modernizing cyber security infrastructure --- and it’s about time.

    On May 12th, President Biden signed an Executive Order (EO) to “improve the nation’s cyber security and protect federal government networks.” This EO comes shortly after the recent Colonial Pipeline ransomware attack and previously cyber security incidents that affected both SolarWinds and Microsoft Exchange.

    The EO touts modernizing critical infrastructure with Zero Trust Architecture and improving supply chain security. But what does this mean for both the public and private sector? Where does the role of securing machine identities play in building stronger standards?

    Join Keyfactor's Ellen Boehm (VP of IoT Strategy & Operations), Ted Shorter (CTO & Co-Founder), and PrimeKey's Tomas Gustavsson (CTO & Founder of EJBCA) as they break down the most important sections of the EO and answer your questions on where cryptography plays a role in securing our nation for the future.
  • The State of Machine Identity Management 2021: Expert Insights and Key Takeaways Recorded: May 19 2021 60 mins
    Chris Hickman, Chief Security Officer and Ryan Sanders, Senior Product Marketing Manager
    Machine identities are everywhere. From cloud services, containers, and applications, to the code running on them, every machine needs a trusted identity.

    But with the rapid increase in machine identities, many CIOs and CISOs are left with an uneasy feeling of not being in control. The stakes are high – keeping ahead of certificate outages, key theft or misuse, and audits is a constant challenge.

    The result? 88% of organizations still experience serious outages due to expired certificates. Another 89% of organizations experienced at least three failed audits due to insufficient key management.

    Join Chris Hickman, Chief Security Officer, and Ryan Sanders, Senior Product Marketing Manager, to hear key takeaways from the Ponemon Institute 2021 State of Machine Identity Management Report, including:

    -Why crypto-agility emerged as a top priority for organizations
    -Key risks and challenges in managing machine identities
    -The importance of machine identity management in Enterprise IAM strategy
  • Secure Code Signing in the Software Supply Chain Recorded: Apr 21 2021 28 mins
    Eric Mizell, VP of Field Engineering and Ryan Sanders, Sr. Product Marketing Manager
    If you’re developing software, deploying over the air (OTA) firmware updates, or spinning up containers, you know the importance of code signing as a security best practice.

    Code signing is more important and more complex than ever. Faster releases, entirely remote teams, and complex supply chains make manual, hardware-based solutions ineffective. So how do you protect signing keys and simplify the signing process?

    Join Eric Mizell, VP of Solution Engineering, and Ryan Sanders, Sr. Product Marketing Manager, for a live demo and discussion of how Keyfactor Code Assure enables fast and secure signing.

    In this 30-minute session, we’ll cover:

    -Known risks and complexities in code signing
    -Use cases: Traditional, DevOps and CI/CD, and IoT manufacturing
    -A live demo of the Keyfactor Code Assure platform
  • How to Build End-to-End IoT Device Security at Scale Recorded: Apr 21 2021 44 mins
    Ted Shorter (CTO), Ellen Boehm (VP, IoT Strategy), Kim Bybjerg (VP at Tata Communications), Paul Hampton (Sr. Product Mgr.)
    Connected things include a variety of IoT endpoint devices across several critical infrastructure segments, including utilities, automotive, healthcare, retail, and building automation. Complex manufacturing supply chains make it difficult to build electronic devices that can be trusted – forcing security to be bolted on as a feature rather than being a critical element designed at the start of a product’s lifecycle.

    By adopting a Zero Trust approach, IoT manufacturers can ensure device trustworthiness and security at scale through their product's end-to-end lifecycle.

    In this panel with device security experts, discussion topics will include:

    -How businesses can gain a competitive advantage by embedding security in the devices they manufacture
    -Regulations relating to IoT security that manufacturers should be aware of
    -Where secure crypto fits into the product design and lifecycle process
    -Common IoT device security challenges that require a zero trust manufacturing approach

    Device security experts in this panel include:

    -Ted Shorter, Co-Founder & CTO at Keyfactor
    -Ellen Boehm, VP of IoT Strategy and Operations at Keyfactor
    -Kim Bybjerg, VP/Head of Continental Europe at Tata Communications & Chairman of IMC (IoT M2M Coucil)
    -Paul Hampton, Senior Product Manager, Thales
  • Zero Trust Manufacturing: How to Embed IoT Device Security in Your Supply Chain Recorded: Mar 31 2021 45 mins
    Ellen Boehm, VP of IoT Strategy & Operations and Ryan Yackel, VP of Product Marketing
    With so many supply chain partners, the reality is that you cannot trust the security of the manufacturing process to ensure that the hardware, firmware or credentials of the device have not been altered. 

    Manufacturers must take a “zero trust manufacturing” approach and design security into the device while maintaining effective security controls throughout the manufacturing process and product lifecycle to ensure the security, trustworthiness and safety of a device.

    Join Ellen Boehm, VP of IoT Strategy & Operations and Ryan Yackel, VP of Product Marketing, as they walk through how IoT manufacturers can navigate complex supply chains to build trusted IoT devices.

     In this webinar, you will learn:

    -Common IoT device security challenges that require a zero trust manufacturing approach
    -Where supply chain security breakdowns occur
    -Best Practices to Achieve Zero Trust Manufacturing
  • Keyfactor + Avi Vantage (VMware): Stop Outages & Start Certificate Automation Recorded: Mar 15 2021 31 mins
    Brian Taricska | Solutions Engineer & Ryan Sanders | Sr. Product Marketing Manager
    If you’re a Network Engineer, downtime is enemy number one. Keeping up with change requests, troubleshooting issues, and implementing new hardware is hard work – but all of that gets derailed when an application outage strikes.

    In this webinar, we’ll look at how network engineers can eliminate certificate-related outages and reduce manual, repetitive tasks with certificate discovery and lifecycle automation for Avi Vantage (VMware).

    Join Brian Tariscka, Solutions Engineer and Ryan Sanders, Sr. Product Marketing Manager for a 30-minute overview and live demo of the Keyfactor + Avi Vantage (VMware) integration.

    See how you can leverage Keyfactor to:

    -Discover SSL and client certificates across your load balancers
    -Simplify certificate requests with fast, easy self-service
    -Automate certificate provisioning, installation and renewal
  • The Business Case for a Cloud-First PKI Strategy Recorded: Mar 10 2021 58 mins
    Chris Hickman - Chief Security Officer, Ryan Yackel - VP of Product Management, Blake Wood - Director of Business Development
    The explosion of machine identities, keys, and certificates across multi-cloud and DevOps environments have stretched your on-premise PKI to its limits.

    And with over 62% of organizations currently or planning on outsourcing their PKI, now might be time to evaluate a new approach to PKI for the future.

    In this webinar, we explore the evolving complexity and costs of PKI, how to balance potential risks against those costs, and ways your organization can build the business case for a cloud-first PKI strategy.

    Join Chris Hickman, Chief Security Officer at Keyfactor, and Blake Wood, Director of Business Development at Thales, as they talk:

    - How PKI has evolved and continues to grow in complexity
    - Options for PKI deployment
    - The costs of on-premise PKI
    - The Future of PKI in the cloud
  • Zero Trust Manufacturing: An Approach to IoT Device Security Recorded: Mar 3 2021 30 mins
    Ellen Boehm, VP of IoT Strategy & Tomas Gustavsson, CTO
    The complexity of multiple points in the supply chain created a trust gap between product design/firmware development and hardware. Manufacturing finds it difficult to embed identity into the process and maintain identities throughout the device lifecycle once it’s deployed into the field. These factors have led to the emergence of adopting a Zero Trust Manufacturing approach to IoT device identity.

    In this webinar, Ellen Boehm, VP of IoT Strategy at Keyfactor, and Tomas Gustavsson, CTO at Primekey, we will show why the Zero Trust model is critical to the IoT lifecycle and how to put this theory into practice.
  • Securing the Next Generation of Connected Vehicles Recorded: Feb 18 2021 62 mins
    Ted Shorter, CTO & Co-Founder and Ryan Sanders, Senior Product Manager
    From a security standpoint, early editions of connected vehicles had a rough start. Securing automobiles is hard – perhaps harder than just about any other device. 

    In this webinar, Ted Shorter, CTO + Co-Founder, and Ryan Sanders, Senior Product Manager, will outline the unique security challenges that engineers face when securing connected vehicles, address the role that PKI and cryptography play in securing them – and how the same principles can improve security for other connected products where high assurance and scalability are a must.
  • Keyfactor Certificate Automation with AWS and Azure Key Vault Recorded: Feb 17 2021 30 mins
    Brian Taricska, Solutions Engineer and Ryan Yackel, VP of Product Marketing
    As your business takes on new multi-cloud initiatives, securing machine identities can get out of hand quickly. While it may be easy to issue certificates from these platforms, keeping track of where they are and when they will expire can be difficult.

    Without continuous visibility into all certificates used in AWS and Azure, you are at risk of an unexpected outage that can cost seriously downtime to your business.

    In this webinar, we will dive into how Keyfactor integrates with both AWS Certificate Manager and Azure Key Vault to continuously monitor your certificate statuses and orchestrate their distribution with ease.

    Join Brian Taricska, Solutions Engineer, and Ryan Yackel, VP of Product Marketing, for a 30-minute discussion and live demo of Keyfactor + AWS Cert Management and Azure Key Vault integrations.

    See how you can use Keyfactor to:

    -Discover all keys and certificates from AWS and Azure
    -Automation of certificate deployments
    -Orchestrate workflows and alerts
  • TalkingTrust with Thales and Keyfactor - IoT Security Recorded: Jan 27 2021 21 mins
    Ellen Boehm, VP of IoT Strategy at Keyfactor, and Dave Madden, Director of Business Development at Thales
    In this brief video, you’ll hear from Ellen Boehm, VP of IoT Strategy at Keyfactor, and Dave Madden, Sr. Director of Business Development at Thales, as they discuss the current state of IoT security and share their joint solution for securing the entire IoT ecosystem using Keyfactor Control and Thales Luna HSMs.
Leader in Cloud-First PKI as-a-Service & Crypto-Agility Solutions
Keyfactor is the leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform empowers security teams to find, control, and automate every machine identity with Keyfactor. We help our customers apply cryptography in the right way from modern, multi-cloud enterprises to complex IoT supply chains. With decades of cybersecurity experience, Keyfactor is trusted by more than 500 enterprises across the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Impact of Unsecured Digital Identities- 2020 Ponemon Institute Report
  • Live at: Mar 5 2020 7:00 pm
  • Presented by: Larry Ponemon, Ponemon Institute & Chris Hickman, Chief Security Officer, Keyfactor
  • From:
Your email has been sent.
or close