Venafi, the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) security solutions, today announced its partnership with the National Cybersecurity Center of Excellence (NCCoE). Created by the National Institute of Standards and Technology (NIST), NCCoE brings together Venafi and other leading security firms to address pressing threats to private-sector intellectual property and other valuable business and federal agency data. As part of the NCCoE, Venafi commits to sharing its cryptographic key and digital certificate management expertise as well as to contributing software and personnel, who will work side-by-side with federal staff and other NCCoE partners in the new center of excellence.
Every business and government agency confronts key and certificate management issues daily because every organization relies on certificates and keys to ensure that communications and transactions remain trusted, private and compliant with regulations. Failure to manage these encryption assets creates vulnerabilities that cybercriminals exploit to breach enterprise networks, steal data and disrupt critical business operations.
Venafi has spent years formulating best practices for managing keys and certificates, the critical foundation of trust in a globally interconnected, online world, and Venafi solutions help many of the world’s largest and most prestigious companies implement these practices. With Venafi, organizations can discover all their keys and certificates, tie the assets to people, generate compliance reports, and enforce automated policies that reduce risks of security breach, unplanned downtime and failed audits.
“Recent cyberattacks and a series of advanced persistent threats highlight how much help businesses and governments need in controlling trust,” said Jeff Hudson, Venafi CEO. “Leading security providers must work together to meet new cybersecurity challenges, as NIST has underscored by creating the NCCoE. We are honored to be part of this partnership and applaud NIST for bringing the world’s leading security providers together to address these and other critical security issues.”
“This consortium will focus on improving our current security practices,” said Under Secretary of Commerce for Standards and Technology and NIST Director Patrick Gallagher. “Cybersecurity is one of the toughest technical challenges facing the nation today. NIST looks forward to working with Venafi and our state and federal partners in the NCCoE to jumpstart protections of our vital IT infrastructure and business information. By combining efforts and expertise with industry leaders like Venafi, we hope to pave the way for national cybersecurity standards and to make a real difference for the organizations that rely on our guidance.”
The NCCoE deepens an ongoing partnership between NIST and Venafi. In July of last year, NIST and Venafi co-authored the NIST Information Technology Laboratory (ITL) bulletin, “Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance.” This bulletin alerts both government agencies and private-sector organizations to the risks of certification authority (CA) compromises. The bulletin also offers guidance on preparing for and responding to a CA compromise that results in fraudulently issued security certificates.