Cryptographic Agility: Preparing Modern Apps for Quantum Safety and Beyond - Natalie Fisher, VMware
Abstract
In 2012, the vulnerability, HeartBleed, was discovered then patched in 2014. But because organizations were slow to respond hackers managed to steal 4.5 million healthcare records. In 2019 over 200,000 systems were still unpatched. Why is it difficult to change or update these protocols? IT organizations are not aware of the encryption they are using, which applications are using it, or how it is used and customers have no unified way to transition between cryptography standards, libraries, and manage cryptographic configuration and compliance. Recent advances in quantum computing and global government initiatives have prompted a new sense of urgency in migrating public key cryptography to quantum-safe standards. Modern and legacy apps will benefit from crypto agility schemes leveraging proxies, policy-driven configuration, and orchestrated management. The session will help to prepare enterprises of every size for the cryptographic migration to come – no matter where your apps are deployed.