DigiCert Joins NIST Consortium on Effective TLS Server Certificate Management

As the consortium’s first certificate authority, DigiCert will play a key role in developing a cybersecurity reference design on the management of TLS server certificates in medium and large enterprises

LEHI, Utah – (July 26, 2018)DigiCert, Inc., the leading global provider of SSL/TLS certificates and other public key infrastructure (PKI) solutions for securing web traffic and the Internet of Things (IoT), today announced that it will collaborate with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on the development of a new TLS (Transport Layer Security) Server Certificate Management project. The resulting NIST Special Publication will provide a cybersecurity reference design that companies can use to reduce outages, improve security and enable disaster recovery activities related to TLS certificates.

TLS is a broadly used cryptographic protocol that provides authentication and encryption of communications between clients and servers using digital certificates. These certificates protect information shared on the Internet. This NCCoE project will demonstrate how to establish, assign, change and track an inventory of TLS certificates.

DigiCert will contribute its CertCentral® PKI certificate management platform, which facilitates better certificate lifecycle management by consolidating tasks for issuing, installing, inspecting, remediating, and renewing certificates into one scalable software suite. DigiCert also has plans to enable testing of the ACME protocol via CertCentral.

“We’re excited to play a lead role in this project that will help companies across all industries solve their TLS deployment issues,” said Dean Coclin, senior director of business development at DigiCert. “We are contributing our technology and expertise to the creation of a document that will serve as a definitive how-to guide for utilizing TLS certificates and other products in a unified fashion.

According to NIST, “DigiCert is working with NIST to develop practical, interoperable cybersecurity approaches that address the real-world needs of complex IT systems. By accelerating use of these integrated tools and technologies for protecting IT assets, the NCCoE will enhance trust, reduce risk for companies and individuals using IT systems, and encourage development of innovative, job-creating cybersecurity solutions.” *

This marks the third recent NIST project which DigiCert has supported with its knowledge and technology.

DigiCert is currently working on the Securing Picture Archiving and Communications System (PACS) Project that will provide guidance on securing the PACS ecosystem in Healthcare Delivery Organizations (HDOs). PACS is nearly ubiquitous in hospitals, prompting the healthcare sector to identify its security as a critical need. PACS requires controls that provide significant integrity, availability, and confidentiality assurances because it ties into doctor-patient workflow management. The scope of the NIST project is to improve control and management of PACS that limits exposures to a threat vector while still allowing for the easy storage, retrieval, management, distribution, and presentation of medical images.

In 2017, DigiCert contributed to the NIST Cybersecurity Practice Guide SP 1800-8 “Securing Wireless Infusion Pumps in Healthcare Delivery Organizations”, developed to improve the security of wireless medical infusion pumps that connect to a variety of healthcare systems, networks and other devices. That connectivity increases cybersecurity risk that could expose HDOs to attacks by malicious actors; a breach of protected health information; loss or disruption of healthcare services; and damage to an organization’s reputation and revenue. SP 1800-8 provides best practices and detailed guidance on how to manage assets, protect against threats, and mitigate vulnerabilities.

About DigiCert, Inc.

DigiCert is a leading provider of scalable security solutions for a connected world. The most innovative companies, including the Global 2000, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports SSL/TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management platform, CertCentral®. The company has been recognized with dozens of awards for its enterprise-grade management platform, fast and knowledgeable customer support, and market-leading growth. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

*NIST does not evaluate commercial products under this Consortium and does not endorse any product or service used. Additional information on this Consortium can be found at: https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management.

DigiCert Contact

Jeff Chandler
Director of Public Relations