Trust breach in computer security estimated at $400 million
Trust is the concept where one asserts a notion of reliability and truth to another party. Trust is the foundation for individual relationships, social contracts, and entire industries. In terms of computer security, trust is defined by Infosecurity magazine as the knowledge that corporate data and code retains both confidentiality and integrity.
In a world where sensitive information can be intercepted by an attacker far away from its target, enterprise and their consumer counterparts rely finding secure ways in which their computer data is safeguarded from criminals. A recent report compiled by an international cybersecurity organization estimates that enterprises risk losing an average of $35 million every two years due to attacks on poorly managed encryption key practices with a maximum possible cost exposure of $398 million per organization.
One of the primary ways for companies and clients to maintain online confidentiality is by using encrypted data and cryptographic certificates as proof of integrity and trust. The problem is, cybercriminals are keenly aware of the lack of visibility over deployed solutions to exploit even the smallest vulnerability in cryptographic certificates. Another problematic issue cited in the report is the complete loss of control companies have over the instruments of trust like cryptographic keys and certificates. Among those surveyed, 51 percent admitted that they do not know the full number of these critical resources deployed in their infrastructure.
On a positive note, an increasing number of businesses are recognizing the importance of encryption, with 59 percent of respondents in the report highlighting the importance of proper key and certificate management. Respondents suggested improved management practices could help them regain control over trust and avoid the risks of unplanned outages, regulatory fines and data breaches.