Below is our recent interview with Jason Sabin, Chief Technology Officer at DigiCert:
Q: Could you provide our readers with a brief introduction to DigiCert?
A: DigiCert is the leading global provider of digital trust, enabling individuals and businesses to engage online with the confidence that their footprint in the digital world is secure. DigiCert provides this digital trust for its customers by shaping global industry standards, delivering excellence in worldwide compliance and operations, providing certificate lifecycle management for public and private trust, and extending trust into supply chains and connected ecosystems.
DigiCert ONE, the platform for digital trust, provides organizations with centralized visibility and control over a broad range of public and private trust needs, securing websites, enterprise access and communication, software, identity, content and devices.
Q: What is digital trust?
Digital trust is the foundational technology for securing the connected world. It is the thing that enables us all to have confidence that the things we are doing online – whether these are interactions, transactions or business processes – are secure.
With digital transformation and the increase of connected devices propelled by remote work, companies should consider digital trust as a strategic imperative to prevent and protect against cybersecurity threats. The strategic importance of digital trust extends beyond the creation and handling of digital certificates. It is an integral part of the security and risk function, protecting the company from cybersecurity threats. It is a necessary component of digital transformation, enabling companies to transfer critical processes online and create new forms of inter-organization connection. And it is essential to our connected future. Companies that are strategically investing in digital trust are positioning themselves now as stewards of a secure, connected world.
Q: Can you share your digital trust vision with our readers?
A: The foundation of digital trust rests on three key elements:
- Authentication of identity, whether it be for an individual, a business, a machine, a workload, a container or a service
- Integrity, the assurance that an object has not been tampered with; and
- Encryption, securing data in transit.
These elements enable us to know that a website is secure, that an email is authentic, that a document signature is valid, that software has not been compromised, that a cloud software image is valid, that an individual is who they say they are. These three elements are delivered through digital certificates that bind cryptographic public-private key pairs to identity. This public key infrastructure (PKI) helps organizations establish trusted identity, integrity and encryption between people, systems and things.
But PKI only provides the foundation. Digital trust is provided through four key building blocks: standards, compliance and operations, trust management and connected trust.
Standards: Standards are what define trust for a given technology or industry. The CA/Browser Forum, for example, defines the standards that certification authorities must adhere to in order to be trusted to deliver trust. DigiCert shapes standards with leadership and active participation in 15 industry groups, including CA/B Forum, IETF, ASC-X9, and NIST. These standards address web security, IoT, government policies, code signing and DevSecOps, financial PKI and more.
Compliance and operations: Compliance and operations are the set of activities that establish trust. Compliance is the set of policies and audits that verify that operations are being conducted according to the standards set by a governing body. DigiCert operates multiple data centers around the world for quick response times. We offer “follow the sun” customer support with global teams to handle customer needs in their time zone and language. We also offer our platform in 8 languages and we support 56 languages. We place heavy emphasis on compliance with industry standards and international laws to ensure successful customer outcomes.
Trust management: Companies are increasingly relying on certificate lifecycle management and other types of software to manage trust. This software reduces business disruption from certificate outages, reduces rogue activity by driving adherence to corporate security policy, and reduces the administrative burden of managing certificate lifecycles and other enterprise identities through business process automation. DigiCert offers publicly and privately trusted roots, with the most public root ubiquity of any digital trust provider. DigiCert ONE enables flexible deployments, whether on premises, in the cloud, in-country, or hosted by DigiCert. Its cloud-native architecture allows for industry-leading rapid time to market for customers. DigiCert ONE features robust automation capabilities and crypto-agility to include addressing coming threats from post-quantum encryption.
Connected trust: Companies also need ways to extend trust info more complex supply chains or ecosystems. Examples are ensuring continuity of trust throughout a device lifecycle, across a software supply chain or in the establishment of digital rights provenance in a content community. DigiCert for Connected Devices is our flagship entry in the category of connected trust, providing the most comprehensive solution for device security by pairing digital trust solutions for device identity and code signing with plug-and-play applications and services that govern device operations. This solution category addresses the needs of developers, chipmakers, manufacturers, and operators and ensures continuity of trust across the supply chain.
Q: What can we expect from DigiCert in next 6 months? What are your plans?
A: DigiCert will continue to innovate to make the delivery of digital trust in its more comprehensive forms simpler for our customers to implement. As part of this process, we plan to continue to grow our business both organically through the acquisition of new customers and also through acquisition of industry-leading solutions that enhance our product portfolio. DigiCert is committed to helping our customers and partners understand the importance of digital trust and how they can succeed by working with us on our common vision.