CSS Research White Papers

Threat intelligence insights from leading cyber security experts

Manage Your Symantec™/VeriSign SSL Certificates with a Certificate Lifecycle and PKI Operations Platform

Published - September, 2017

Is your organization overwhelmed by manual Public Key Infrastructure (PKI) and SSL certificate management processes? Burdened with worry of rogue SSL certificates or certificate-related outages? Running mission critical systems using internally issued SSL certificates alongside of SSL certificates purchased from a third party (such as Symantec™/VeriSign, Thawte® or GeoTrust®)?

Download entire guide to explore seven beneficial features you're missing without a Certificate Lifecycle & PKI Operations Platform. 

Download Benefit Guide

5 Risks of Gambling with a Wild Certificate Count and PKI

Published - August 17, 2017

Gambling means being prepared to lose everything. When working with an out of control, unmanaged digital certificate count and public key infrastructure (PKI), the risks of facing issues with financial and productivity losses are extremely high. Are you prepared to gamble with some of your most valuable IT assets?

Download entire guide to explore five common unmanaged certificate and PKI related scenarios, their financial implications and how to prevent them from occurring in your enterprise. 

Download Benefit Guide

7 Beneficial Features You’re Missing Without a Certificate Lifecycle & PKI Operations Platform

Published - June 22, 2017

Overwhelmed by manual Public Key Infrastructure (PKI) & certificate management processes? Burdened with worry of rogue certificates or certificate-related outages? Worried you've lost all control of your PKI? Stop losing and start gaining control by actualizing the features and benefits not available when manually managing your digital certificates and PKI.


 7 Beneficial Features You're Missing Without a Certificate Lifecycle & PKI Operations Platform: 

  • The importance of the automated management of digital certificates and PKI operations
  • How metadata can change your certificate reporting for good
  • Issues with using Simple Certificate Enrollment Protocol (SCEP) and how to fix them
  • Download to view entire guide

Download Benefit Guide

Identity, Security, and the Internet of Things-
Knowing Your Device is Securing Your Device
White Paper

Published - May 26, 2017

As the IoT market expands, it’s all too common for vendors to push unsecured IoT technology to the market. Many IoT devices consist of parts from various hardware vendors, each created according to different security principles. The result is an environment where the lowest common denominator of security measures rules, inviting malicious activity that can wreak havoc on businesses, institutions, and critical infrastructure. Learn more on the security challenges of IoT and how CMS VerdeTTo leverages Public Key Infrastructure (PKI) to establish unique device identities in the form of digital certificates and extended identity attributes to secure millions of devices. 


Learn more on the security challenges of IoT and how the CMS VerdeTTo Access Valve engineered specifically for ThingWorx platform users leverages Public Key Infrastructure (PKI) to establish unique device identities in the form of digital certificates and extended identity attributes to secure millions of devices.

Download White Paper

2017 Public Key Infrastructure (PKI) and Internet of Things (IoT) Security Predictions 
White Paper

Published - January 31, 2017

In 2017, Public Key Infrastructure (PKI) will continue to solidify its place as a fundamental digital identification, authentication and encryption standard—especially as the Internet of Things (IoT) evolves and security concerns heighten. The need for trusted digital identities will become paramount to the overall security of the Internet. As businesses attempt to secure the IoT, PKI is re-emerging as a cost-effective and proven technology that delivers a secure and high-performance solution. CSS Research has continued to monitor the state of cybersecurity throughout 2016 while generating threat intelligence insights on the digital certificates used to secure SSL/TLS connections across the Internet. 


Download this white paper to view what CSS Research predicted in regards to the trajectory of PKI and IoT in 2017.

Download White Paper

Benefits of a Professionally Managed PKI White Paper

Published - December 27, 2016

Enterprises and organizations today are confronted with a variety of ever-changing security challenges. Core security practices like Public Key Infrastructure (PKI) have been used to consistently authenticate users and devices and encrypt critical information. Because PKI is a mature technology, assumptions have been made that the same PKI that was implemented years ago is just as secure as it was when launched. As a result, organizations that continue to rely on the old level of PKI assurance could be taking security actions that end up putting critical information, and by extension, the entire enterprise at risk. Businesses now have a number of reasons to reevaluate their PKIs; compliance mandates, organizational changes, and the maturity of cryptography are all reasons to revisit PKI management.

Download this white paper to learn what a managed PKI is, how it works, and why it’s necessary for your organization.

  • The Industry Security Landscape
  • What is a Managed PKI
  • Why PKI is Necessary: Business Challenges
  • Managed PKI for the Enterprise- Saving Time and Money
  • Choosing the Right Partner

Download White Paper

Digital Certificates - A Critical Line of Defense Against Cybercrime White Paper

Published - December 19, 2016

Public Key Infrastructure (PKI) has advanced tremendously since the early days, from simply identifying websites and securing ecommerce transactions to routinely issuing massive certificate deployments, making PKI a top priority for IT departments. The evolution of PKI has become significant, given the takeover of IoT and increased usage of digital certificates, today’s use cases for PKI have become markedly more innovative.

Download this white paper to learn about PKI’s evolution and how to prepare your organizations PKI for the future.

  • Growth of New Digital Certificates Deployments
  • Increased Reliance on PKI
  • Practices to Secure PKI
  • PKI Deployment Challenges
  • Technology Drivers for PKI Upgrade, Migration and Cyber Security Changes

Download White Paper

Best Practices for Public Key Infrastructure (PKI) Implementation Project Management White Paper

Published - October 27, 2016

Today’s evolving cyber security landscape demands the high assurance, scalability and security of digital certificates issued from a trusted PKI to successfully secure enterprises. However, an effective PKI can be difficult to implement and manage without knowledgeable and dedicated resources in-house. Although attempting a deployment on your own sounds appealing and more cost effective, the key to a successful PKI implementation is fully understanding the entirety of the project before beginning. By outlining each critical task up front, it’s easy to quickly realize the importance of enlisting dedicated resources to assist with the entire process from day one.

Download the white paper to learn more about PKI implementations - the best practices and key overall project considerations including:

  • PKI design, policies and key signing ceremony details
  • Critical timeline and project phases
  • Appropriate skill level and availability of internal expertise
  • Major differences in implementing a PKI In-house vs. working with an expert

Download White Paper

Public Key Infrastructure (PKI) - The New Best Practices White Paper

Published - July 28, 2016

Public Key Infrastructure (PKI) has undergone an evolution since its commercial introduction in the 1990s. Aging enterprise PKIs may not be a fit for current compliance, regulatory or technical requirements for new enterprise and IoT use cases. Today, companies are having to decide how to ensure the ongoing trust of old and new PKI environments and the resulting digital certificates.

Download this white paper to learn about PKI progress and the decisions your organization may need to consider, including:

  • PKI evolution and new risks
  • Best practices for today’s PKI controls
  • Remediating what makes sense vs. starting fresh
  • PKI operations management tools
  • External audit considerations

Download White Paper

Public Key Infrastructure (PKI) for the Internet of Things (IoT) White Paper

Published - June 30, 2016

Digital certificates continue to be a cost-effective and efficient method to authenticate, secure and validate diverse endpoints and data in IoT systems. As organizations recognize the cost savings and flexibility associated with establishing their own PKI, they’re also learning that the typical enterprise PKI is not a good fit for unique IoT systems.

Download this white paper to learn about unique PKI for IoT considerations including:

  • Importance of authentication, encryption and signing for IoT devices, data, users and applications
  • How PKI for IoT is different from a typical enterprise PKI
  • Challenges related to high volume, low power devices, disparate endpoint owners and multiple relying parties
  • Issues and best practices for IoT PKI trust, scalability and uptime
  • IoT PKI design considerations

Download White Paper

Digital Certificate Template Best Practices White Paper

Published - May 26, 2016

Digital certificate templates contain properties common to all certificates issued by Microsoft® enterprise certification authorities (CAs) based on that template, giving administrators more control over their Public Key Infrastructure (PKI). Learn how effectively organized, documented, and managed certificate templates help administrators manage a diverse subscriber base, minimize the risk of issuing incorrect certificates, and support reporting for security compliance requirements.

Download White Paper

SHA-1 Deprecation Challenges & Solutions White Paper

Published - April 21, 2016

Moving from SHA-1 digital certificates to SHA-2 is vital to defend against cyber criminals. SHA-1 certificates are no longer being issued and are sched­uled to reach their expiration before January 1, 2017. Continued use of SHA-1 certificates places your organization in a cryptographically insecure position against cyber adversaries. Time is running out to identify and implement a SHA-1 deprecation plan to ensure that every certificate your organization is upgraded to the secure SHA-2 algorithm.

Download the CSS Research “SHA-1 Deprecation Challenges & Solutions” white paper to learn:

  • Why SHA-1 is being deprecated
  • Deprecation tim­ing
  • SHA-2 migration challenges
  • Best practices and resources to complete the transition

Download White Paper