CS Mar-Apr 2024
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
news<br />
Greg Wetmore,<br />
Entrust.<br />
TIME TO MIND YOUR PS AND QS?<br />
Entrust launches Post-Quantum Ready<br />
PKI-as-a-Service platform<br />
Entrust has recently announced the general<br />
availability of its Post-Quantum Ready PKIas-a-Service<br />
(PKIaaS PQ) platform.<br />
With this launch, the company's cloudbased<br />
PKI-as-a-Service offering can now<br />
provide both composite and pure quantumsafe<br />
certificate authority hierarchies, it<br />
states, enabling customers to test or<br />
implement quantum-safe scenarios and<br />
infrastructure. This makes it "the first<br />
commercially available platform of its<br />
type", it further claims.<br />
"Although the quantum threat is up to<br />
a decade away, we know the transition<br />
to quantum-safe algorithms won't be just<br />
another crypto refresh cycle," says Greg<br />
Wetmore, vice president, Software<br />
Development at Entrust. "To prepare, we<br />
need to move today's public key cryptographic<br />
systems from their current state<br />
to new quantum-safe cryptographic<br />
algorithms.<br />
"This transition will be more complex than<br />
anything we've done in the past, and will<br />
touch just about every piece of digital<br />
infrastructure and data we rely on today.<br />
Organisations should be looking at their<br />
Post Quantum (PQ) migration strategy<br />
now, and implementing the tools and<br />
technology needed to test and migrate to<br />
quantum-safe security," he states.<br />
PROTECTING DATA FALLING WAY SHORT<br />
Companies and authorities still taking breach<br />
AJ Thompson, Northdoor.<br />
threats too lightly<br />
Companies need to stop treating regulations as a tickbox<br />
exercise and realise that the point of them is to<br />
protect data, warns AJ Thompson, CCO, Northdoor.<br />
"Equally, the ICO [Information Commissioner's Office]<br />
also needs to up its efforts in implementing 'proper'<br />
sanctions against those organisations that are failing<br />
customers and partners."<br />
The high-profile introduction of GDPR in 2018 was<br />
meant to prove that the authorities were taking the<br />
threat from cyber-criminals and the misuse of data<br />
seriously, Thompson further points out. "There were<br />
promises of major consequences for every business<br />
that failed to adhere to the regulation, but, as the years<br />
have gone by, we have seen that those organisations suffering data breaches have<br />
been, frankly, wrapped on the knuckles, with no further consequences."<br />
RAPID ACTION NEEDED TO SOLVE CRIPPLING SKILLS SHORTAGES<br />
Traditional university education in cybersecurity is not sufficient<br />
New research in the UK and US reveals that over three-quarters (78%) of<br />
cybersecurity and IT professionals believe a traditional university education in<br />
cybersecurity is not doing enough to prepare graduates for the modern workforce.<br />
Meanwhile, nearly two-thirds (64%) of cyber industry professionals say current<br />
recruitment processes inadequately assess candidates' practical skills.<br />
This is according to a study called 'Securing the future of cybersecurity: From<br />
classroom to every career stage' from Hack The Box, a leading cybersecurity<br />
upskilling, certification and talent assessment platform.<br />
The research highlights what it says is a gap between the essential practical skills<br />
required to combat modern cyber-criminals in the workplace and the expertise<br />
cultivated within university education.<br />
An overwhelming 90% emphasise the need for cybersecurity and computer science<br />
graduates to be prepared with hands-on, practical experience before their first role.<br />
LOGPOINT AND SECURVALUE PARTNER UP TO SHARE THEIR EXPERTISE<br />
Alliance aims to help customers detect and respond to cyber threats.<br />
Armed with Logpoint's modern SIEM+SOAR solution, SecurValue can offer<br />
more robust threat detection and response, real-time data analysis, early detection<br />
of data breaches and easy implementation of compliance requirements, it is<br />
claimed. "We're happy to partner with SecurValue to help organisations strengthen<br />
security posture and cyber resilience. They share our vision for conducting long-term<br />
business in Southern Europe," says Christian Pijoulat, regional director SEMEA at<br />
Logpoint. "SecurValue has a tailored approach to their customers, based on skilled<br />
cybersecurity professionals and trusted technologies, and we're proud that<br />
Logpoint's solution is now a part of that."<br />
8<br />
computing security <strong>Mar</strong>ch/<strong>Apr</strong>il <strong>2024</strong> @<strong>CS</strong>MagAndAwards www.computingsecurity.co.uk