The Need for a Step-Change Approach to Cryptographic Management

We are currently living in a world with zettabytes of digital data. The amount of data has been growing exponentially, doubling every two years, and with unfettered growth in areas such as Industry 4.0 and IoT, blockchain, 5G and other technologies, this growth trend will continue unabated well into the future.

Cryptography is critical infrastructure.

Much of this data is private and sensitive. This requires protection, which in turn requires encryption. In fact, current data security needs include the diversification of cryptography, the complex topology of data encryption, and quantum resistance through stronger cryptography.

Outdated crypto methods.

As multiple market factors converge to make protecting digital systems and sensitive data increasingly problematic, and inherent problems within cryptography further complicate the challenge, enterprises and IoT device manufacturers are quickly coming to the realization that cryptographic management is in desperate need of reform.

Why’s it so hard?

Unfortunately, several factors make successful cryptographic management less than straightforward, including:

  • Lack of visibility/risk of unmonitored cryptography. Most large organizations can have hundreds of digital certificates, keys, encryption and other cryptographic assets that can expire or break suddenly. Most IT organizations are not aware of the types of encryption they are using, let alone which applications are using them or how they are being used.
  • Financial cost to fix insecure cryptography. As current cryptography is designed to be static, modifications require complex and expensive source-code modifications. Connected machines that cannot be easily updated with new cryptographic standards, such as long-life chipsets, IoT devices, vehicles and even airplanes, will have to be replaced to maintain public safety and economic security. The cost of such replacements will be significant.
  • Cryptography is managed by non-cryptography experts. Today’s cryptography is implemented by application developers who are not cryptographic experts and who lack the expertise required to correctly select and manage algorithms, protocols, parameters, digital certificates and keys.

A new approach is needed.

A new paradigm is urgently needed to address data security challenges inherent in a new digital world characterized by billions of interconnected machines, sophisticated attack vectors and game-changing technologies.

This digital world looks markedly different from the one in which current cryptographic management techniques were first developed.
Cryptographic agility management delivers such an approach.

Cryptographic Agility Management.
We were on it before it became trendy.

A new paradigm called cryptographic agility management allows you to swap out cryptographic assets in real time, without the need to change source code or disrupt existing operations.

Without crypto-agility, applications must either be reconfigured locally or recoded to enable new quantum-safe algorithms. Neither one is a good option.

Adoption of a crypto-agility framework provides organizations and the applications they develop with a policy driven architecture. Future changes, deletion of obsolete cryptography and deployment of new cryptography are centrally managed.

Cryptographic agility management from ISG provides enterprises and IoT device makers with an automated, dynamic approach to cryptography management.

  • Pro-active visibility. Enabling continuous monitoring of cryptographic components present across a digital ecosystem to proactively detect security or compliance breaches.
  • Fast remediation. Enabling dynamic replacement of insecure cryptographic components across a digital infrastructure, with minimal effort and impact on operations, no change in source code and no cryptographic expertise required.
  • Interoperability. Maintaining interoperability between heterogeneous systems relying on different cryptographic foundations (e.g. modern, sovereign, certified, hybrid, PQC, etc.).
  • Policy-driven. Providing organizations with the capability to centrally define how cryptography shall be used across their infrastructure, independent of developers.
  • Continuous compliance. Ensuring constant compliance with industry standards (e.g., NIST, ANSSI, etc.) and regulations (e.g., GDPR, PCI-DSS, etc.) that require compliant use of cryptography.

Cryptographic agility management not only addresses challenges and demands in an easier, more secure and highly efficient way, but also provides a comprehensive platform for cryptographic development for many years, even decades, to come.
