Despite OpenSSL security issues, industry needs open source SSL

Despite OpenSSL security issues, industry needs open source SSL

Despite OpenSSL security issues, industry needs open source SSL

Date: Jul 31, 2014

As widespread as the recent Heartbleed OpenSSL security flaw proved to be, one security expert says open source SSL technology has become so important to the security of the Internet that the technology isn't going anywhere.

"We're not going to go back to commercially licensed stacks for all of our SSL," said Andrew Jaquith, senior vice president and CTO with Milford, Connecticut-based cloud security provider SilverSky. "There's always going to be a need for something that's a little more open and a little more free."

In this interview, conducted at the 2014 Gartner Security & Risk Management Summit, Jaquith discussed OpenSSL's future and whether upstarts like LibreSSL and BoringSSL will be received as welcome alternatives.

Jaquith also discussed the fallout from the 2013 Target breach and why his recent conversations with SilverSky customers suggest the incident has become a tipping point for the information security industry.

Then he discussed the recent cloud provider security incidents at CodeSpaces and One More Cloud. He explained why they may be an indicator that the focus of attackers is shifting, and that some cloud computing providers' security capabilities are more vetted than others.

Finally, Jaquith touched on perhaps his favorite information security theme, security metrics, and explained why over the course of just a few years it has become much easier for any organization to quickly adopt data-driven security principles and quickly realize the benefits.

More on Network Protocols and Security

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: