Keyfactor Virtual Summit: Day 1 Recap

Day one of our first-ever Keyfactor Virtual Summit has come to a close, but we’re not done yet.

With 14 sessions and 500+ unique viewers, we couldn’t be more excited about the response so far from customers, industry analysts, and the broader cybersecurity and crypto community.

From PKI in DevOps and IoT supply chains to insights for leaders in cybersecurity, our first day of sessions covered a lot of ground. And we’ve still got a full day of sessions ahead of us today.

If you missed day one, don’t sweat it. Check out the recap of our first few sessions below:

Crypto-Agility is Critical

Jordan Rackie, CEO of Keyfactor, officially kicked off the summit by highlighting the rapid growth Keyfactor has experienced over the past two years and how the cybersecurity landscape has quickly evolved over that time.

Cryptography sits at the foundation of any security strategy, yet as Jordan calls out, the rapid growth of keys and digital certificates has left most organizations unprepared and vulnerable.

Enter crypto-agility – the core theme of our summit – and the reason why 500+ IT and security professionals across the globe virtually joined us for day one.

How is Keyfactor driving crypto-agility? Take 10 minutes to watch the Opening Keynote here.

Don't Think Outside the Box. Burn It.

Next up, Daron Roberts (former NFL Coach) headlined our most viewed session of the day in his keynote where he offers up practical advice from his coaching career on how to articulate the need for crypto-agility to the Board.

Daron breaks it down like this…

  • Complacency is the enemy: we have to be intentional about building a strategy for crypto-agility. Some will be slow to understand, others will catch on, some will be reluctant, but it’s your job to make the case. Start with “micro-wins” and keep bringing up the issue in small ways over time.
  • Communicate like a champion: Cryptography is inherently technical, yet it’s an issue critical to the objectives of the business. Start with “how do we” rather than “can I” (a yes/no trap) to align your crypto-strategy with company goals.
  • Stay in the deep end: The volume and velocity of cryptography will only continue to increase. The key to staying ahead is constantly putting yourself in a position to learn. Block uninterrupted time in your calendar (even 30 minutes) to read, watch, and learn, outside of your day-to-day.

Secure PKI in DevOps (Without Disruption)

With the opening keynotes behind us, we jumped straight into one of the hottest topics on our agenda – DevOps.

In this session, Shian Sung and Chris Paul covered how TLS and code-signing certificates fit into the CI/CD pipeline, and why security teams need to align with their counterparts to ensure every certificate is trusted, compliant, and up-to-date in the modern PKI stack.

Here are just a few key takeaways from this session:

  • Do limit the use of wildcard and self-signed certificates – make it easy for developers to access certificates from compliant sources
  • Do not blindly trust embedded certificate issuance capabilities in DevOps tools, such as Istio, Kubernetes, and HashiCorp Vault
  • Do not use crypto-libraries and algorithms without a plan for future deprecation

Watch the session replay here to learn all the dos and don’ts of using PKI in DevOps.

Re-Think Zero Trust in IoT Manufacturing

If you thought security in DevOps is challenging, IoT supply chains are dizzying by comparison.

Between product design, firmware development, and manufacturing, a Zero Trust model is critical to securing the IoT device lifecycle. In this session, Ellen Boehm and Tomas Gustavsson covered how to embed identity into devices as they’re manufactured in, and deployed into, untrusted environments.

If you’re an IoT or firmware engineer, this deep-dive session is a can’t-miss.

Reign in Your Rogue Admins

It comes as no surprise that our next session, Reign in Your Rogue Admins: Best Practices for Managing SSL/TLS Certificates, was on nearly 70% of our attendees’ agendas.

Despite advancements like IoT and DevOps, most organizations are still struggling to tackle common use cases, such as managing SSL certificates on web servers and applications.

In this session, former “rogue admins” turned PKI product managers discussed core requirements for a certificate management program, from building an inventory to enabling automation, and everything in between. It’s the perfect session for those just getting started with PKI and certificate management.

Get a (PKI) Health Check

For more seasoned PKI experts and users of the Keyfactor Command platform, Brandon Tubandt, SVP of Operations and Customer Success, and Joseph Elbers, Customer Success Manager, covered the Keyfactor certificate management maturity model and how we enable customers to move from a manual to a dynamic strategy.

This was a fan-favorite and a must-see for our customers or anyone currently evaluating certificate management tools. Set aside 30 minutes to watch this session here.

Lead with Empathy

Moving toward the end of day one, we shifted our attention to leadership in cybersecurity.

In this panel, Simon Hunt, EVP of Cybersecurity at MasterCard, and Uri Lichtenfeld, Executive Director at Morgan Stanley, covered everything from their leadership to insights on cybersecurity and crypto-agility.

Lots of ground was covered, but if there is one key takeaway here, it’s the importance of leading with empathy. As Simon says (pun intended), “I radically underestimated my role as an empathetic leader, and the necessity of that to hold a disparate, and geographically dispersed team together.”

Look Beyond the Pandemic

To close out our first day of the summit, Ann Johnson, CVP of Security, Compliance, and Identity at Microsoft (and former PKI admin herself) underscored the challenges of securing the largest remote workforce in history.

Watch the replay to learn about the importance of a Zero-Trust security model in a remote-first world, including the critical importance of multi-factor authentication, and managing both human and machine identities (e.g. TLS certificates, code-signing certificates, SSH keys, and secrets).

Join us for even more sessions on day two. It all starts with the perfect cup of coffee (and crypto).
