June 2022 Cybersecurity Roundup

SSL.com Reminders

OV & IV Code Signing Key Storage Requirements are Changing

Effective November 1, 2022 OV & IV Code Signing Certificates will be issued on Yubico USB Tokens or available via the SSL.com eSigner cloud signing service. 

To learn more about SSL.com eSigner solution: https://www.ssl.com/esigner/  

Organizational Unit Field for SSL/TLS Certificates is Being Deprecated

Effective August 1, 2022, SSL.com will discontinue the use of the Organizational Unit field. This is in response to new guidelines ratified by CA/Browser Forum.  To learn more about this announcement:  https://www.ssl.com/article/organizational-unit-ou-field-to-be-deprecated-by-ssl-com/

2023 Will See an Increase in Intense Cybersecurity Attacks According to Industry Expert, Gartner, Inc.

The technology research and consulting group Gartner, Inc. recently released its Cybersecurity Risk Predictions for 2022 – 2023. Cybersecurity leaders should factor these into their 24-month strategic plan. 
  1. International government regulations regarding consumer privacy will increase by 70%.
  2. Gartner predicts that within 36 months, a stronger shift to single vendor support from the secured edge to the cloud will take place.
  3. Industry and Consumer demand for Identity and context-based Digital Trust services will triple in size.
  4. Ransomware attacks will increase and become more intense.
  5. Government regulators and corporate shareholders will demand improvements to Disaster Recovery and Business Continuity planning.
  6. C-Level Executives will be held more accountable for cyber risk.

SSL.com Response:

Our mission is to allow individual users, corporations, and governments the ability and right to use the internet and its associated services without the threat of intrusion, privacy invasion, and compromise. 

SSL.com offers Client Authentication Certificates as a defense layer against ransomware. Information is available here:  https://www.ssl.com/certificates/client-authentication-certificates/ 

In addition SSL.com supports the diverse security needs of national governments as they actively turn to PKI Technology and Digital Certificates. Information is available here:  https://www.ssl.com/article/pki-and-digital-certificates-for-government/

Our solutions suite addresses all six of these concerns. For additional information, please refer to the Solutions Tab of our website: https://www.ssl.com/certificates/

We are an International Digital Trust organization working closely with multiple standards committees, cloud providers, carriers, and other security organizations to create a sustainable security architecture.

Our team of developers and engineers along with a complete PKI research group stands ready to respond to the needs of our customers, partners, and prospects.

For further information: https://www.ssl.com/  

According to the Cybersecurity & Infrastructure Security Agency – CISA, Securing Windows Devices with PowerShell is Recommended

PowerShell lives on as a command line object-oriented Microsoft utility. Its capabilities are long-lived and widely adopted by developers.   Although hackers have exploited PowerShell, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) recommend not disabling or removing the utility. The recommendation is to maintain the software and use it with Microsoft’s automation tools to collect attack data and provide deep forensic analysis.    Working with both New Zealand and the United Kingdom’s National Cybersecurity Centre’s, it is proposed that organizations turn on the following features: Deep Script Block Logging, Module Logging, and Over-the-Shoulder transcription capability.    

SSL.com Response

  SSL.com is deeply aligned with Microsoft and all other software and hardware organizations to stay in tune with their progress and development. As an organization focused on Digital Trust, SSL also follows the analysis and recommendations of multiple Federal Cybersecurity Agencies to provide the utmost privacy protection for all customers.  

  All SSL.com products and services are focused on security, protection, and digital trust.  More information about how SSL.com works with and supports governments across the world: https://www.ssl.com/certificates-for-government/#

Tips for Better Mobile and IoT Security 

In a recent article in SC Magazine, Kurtis Minder, the CEO and Lead Ransomware Negotiator of Groupsense spoke out with a few reminders to reduce data security compromise. Recognizing the mobile nature of many individuals, Kurtis mentions that security architects are increasing procedures to protect corporate networks while protecting endpoints and the personal information of remote workers.  A few suggestions that mix both cyber and physical security are:
  1. Avoid free hotspots and establish a VPN connection.  
  2. Use a screen protection device, which prevents people from watching over your shoulder. 
  3. Don’t leave your computer unattended. 
In conjunction with Kurtis’s advice for mobile endpoint security, the world of IoT (Internet of Things) continues to expand rapidly. IoT devices are everything that connects to the internet without human involvement. Consumers and businesses are adding devices to the internet by the millions every year. For consumers this includes home security cameras, cloud based video doorbells, home appliances, nanny cameras and thermostats plus more. For industry the devices are process controls, manufacturing robots, temperature sensors, automated transportation controls, biomedical devices plus more.   

There are known security vulnerabilities with many devices installed in default mode. The potential exists for cameras to spy on their owners, locks to be disabled and video footage to be spoofed. While most manufacturers work hard to mitigate these risks, hackers are constantly stressing the networks with Zero Day Threats, malware and social engineering tactics.  

SSL.com Response:

SSL.com addresses mobile and IoT security with a variety of solutions to meet the needs of industry and consumers. More information is available here:  https://www.ssl.com/article/securing-the-internet-of-things-iot-with-ssl-tls/  

SSL.com is integral to Cybersecurity Encryption, Digital Signing, and Web Security.  Working with the browser organizations, hardware manufacturers, other Certificate Authorities, and cybersecurity teams, our solutions protect end users and the networks they interconnect with.   

Additional IoT Certificate information can be found here: https://www.ssl.com/internet-of-things-iot-solutions/

SSL.com is a Digital Trust Solutions Provider

Ask about our complete product suite, contact sales@ssl.com or call toll free



Subscribe to SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.