Ensuring Business Continuity Amidst Certificate Revocations

Ryan Williams Sr.
4 min read · Aug 6, 2024

Greetings, cybersecurity professionals and enthusiasts! Welcome to another insightful episode of “The Other Side of the Firewall.” Today, Ryan Williams Sr., Chris Abacon, and Daniel Acevedo tackled a significant issue that impacts critical infrastructure — DigiCert’s mass certificate revocation and the urgent need for business continuity planning.

The DigiCert Dilemma

Last week, DigiCert announced an immediate need for 6,807 impacted customers to reissue 83,267 certificates within 24 hours. The urgency was driven by a system update from 2019 that has only recently revealed its detrimental effects. The critical infrastructure sectors, including energy, health, and finance, are particularly vulnerable due to the complexities and potential impacts of such rapid changes.

Daniel expressed the urgency well: “The root cause was a bad system update back in 2019, and they realized the outcomes of it now in 2024. Luckily, they realized what was going to happen before it actually happened, so they can release that mass notification.” This scenario underscores the importance of having robust business continuity and disaster recovery plans in place. Many organizations, especially smaller ones, may lack the manpower or resources to handle such abrupt demands.

Critical Infrastructure at Risk

Daniel elaborated on the impact on critical infrastructure: “What the article is really alluding to here is the critical infrastructure part of it, such as energy, health, finance, these types of systems where doing an update of certificates in their environments can’t be done seamlessly without bigger impacts.” These sectors cannot afford any downtime, making the process of updating certificates even more challenging and critical.

Chris added, “I didn’t have a massive certificate authority revoking a ton of certificates on the business continuity bucket list this year. Usually, these revocations are well planned in advance and phased, so you don’t have a gigantic waterfall coming at you within 24 hours.” This unexpected event highlights the need for continuous and proactive planning.

Cross-Departmental Synergy

The conversation naturally led to the importance of cross-departmental synergy. Daniel emphasized, “How well is your security team and your admin team working together as a unit?” The ability to respond quickly and effectively to such incidents relies heavily on this collaboration. He suggested that departments need to work cohesively to devise strategic solutions swiftly.

Ryan added, “How plugged in are your teams? When SolarWinds hit, many of us knew about it way before the government started talking about it because that’s a huge ship that takes a long time to turn. In preparation for such events, are your teams aware and prepared?” This question is critical for ensuring that all relevant departments are aligned and ready to act when needed.

Business Continuity: A Proactive Approach

The discussion led us to a crucial takeaway: regular reviews and updates of business continuity plans are non-negotiable. Ryan highlighted, “You should be on a semi-annual or annual basis, reviewing your business continuity plans, your disaster recovery plans, and things of that nature.” The fast-paced evolution of cybersecurity threats demands that organizations stay ahead by ensuring their plans are current and comprehensive.

The Role of Leadership

Ultimately, leadership plays a vital role in fostering an environment where different teams can work together seamlessly. Chris reminded us, “Security is everybody’s responsibility.” By inviting security teams to the table early in project planning, businesses can avoid the pitfalls of last-minute disruptions and ensure a smoother, more secure operational flow.

Ryan reiterated, “You don’t want to put the security team in a bad light by always inviting them near the tail end of a project. Invite them at the beginning or the middle because then they can help steer you, and it’s a better look for both that team and your productivity.” This proactive approach can significantly enhance an organization’s ability to respond to unexpected events.

Conclusion

The DigiCert revocation issue is a wake-up call for all organizations to revisit their business continuity strategies. It is essential to foster a culture of proactive planning and cross-departmental collaboration to navigate the increasingly complex cybersecurity landscape.

Thank you for reading, and stay tuned for more episodes of The Other Side of the Firewall podcast on Mondays, Tuesdays, Wednesdays, and Fridays, as well as the Ask A CISSP podcast every Thursday. Please like, share, and subscribe.

Stay safe, stay secure!

Ryan is a retired Air Force veteran who brings over 20 years of experience in network infrastructure, project management, and cybersecurity consulting to his current role at BuddoBot. BuddoBot’s mission is to support national security by transforming, empowering, and educating organizations to shift from reactive, diluted, automated, and high-cost IT and security practices to proactive, effective solutions that fortify their security.

Shannon, also a retired Air Force veteran, has more than two decades of expertise in network security and vulnerability management. He now serves as an Information System Security Officer (ISSO) for the U.S. Space Force, where he continues to enhance national security protocols.

Chris, a Navy veteran with over ten years in IT, information assurance, and risk management, currently works at CompliancePoint. His roles include vCISO, RMF assessor, and consultant, focusing on enhancing data security and privacy for various organizations.

Daniel is an Air Force veteran with over 15 years of combined experience in IT, cybersecurity, information assurance, and government risk compliance. He has held various roles, including IT administrator, cybersecurity engineer, senior information system security manager, and currently serves as a senior security consultant for Booz Allen Hamilton. In this latest role, Daniel leverages his expertise to address unique and complex challenges in the cyber and IT domains, enhancing his customers’ capabilities.

Ryan Williams Sr.

Cybersecurity Professional | CISSP | PMP® | Founder & Host of The Other Side of the Firewall & Ask A CISSP Podcasts | Retired U.S Air Force Vet | DE&I Advocate