SSL certificates and PKI, or public key infrastructure, are meant to ensure that websites are safe. But they aren't enough, says Dr. Phillip Hallam-Baker of Comodo Group. What's more, emerging insider threats have quickly proven that the proverbial "walled garden" is not so walled after all, and without true end-to-end encryption, insiders and outsiders can compromise sensitive data, he adds.
In this audio interview at RSA Conference 2017, Hallam-Baker discusses:
- Why securing data at rest and in motion are pain points for true endpoint security;
- Why insider threats are the biggest concern; and
- Why next-generation messaging security needs to be open source.
Hallam-Baker, vice principal and principal scientist at Comodo Group, has more than 25 years of experience in the design and use of internet security protocols. His design credits include core contributions to the architecture of the web and the web PKI. Hallam-Baker has contributed to internet standards development work in IETF, the World Wide Web Consortium and OASIS. He also holds six patents related to cryptography. His current research project, the Mathematical Mesh, is an attempt to develop a user-centered cryptography infrastructure to secure the web and the internet.