Most infosec pros forget to change keys after a breach

Many companies don’t have systems in place to track all of the keys and certificates

That is the reality folks. Regrettably, the human element is a hacker’s greatest asset and yet many IT mangers and senior executives ignore this premise.  According to Maria Korolov “One of the things that hackers look for when they break into an enterprise is encryption keys and security certificates, but most security professionals don’t know how to respond if the keys are compromised during a breach. That’s the result of a survey released today by security vendor Venafi, which canvassed 850 security professionals at last month’s RSA conference.”

SOURCE: networksasia.net