Andy Jenkinson is the Group CEO of Cybersec Innovation Partners (CIP), the United Kingdom’s PKI and cryptography governance and management team of experts. Jenkinson is also a member of the International Advisory Council HHERF. He has been an authoritative voice in the space for 25 years and has managed a large team of IT and cybersecurity projects for companies like British Telecom and Virgin Media.
Jenkinson, while working with CIP, has found an alarming number of flaws and misconfigurations in websites and webservers run by some of the biggest players in government, healthcare and even cybersecurity. Speaking about this pressing issue and the frustrating ignorance, complacency and complicity that he’s seen, Jenkinson remarks:
“Misconfigurations of websites do account for a very large percentage of issues. But equally, I would guess we find 15 to 25% of websites not secure because of invalid certificate. … And [this] means there are huge exploitable vulnerabilities today in the ecosystem.”
In this episode of Cybersecurity Unplugged, Jenkinson discusses:
- The correlation between the increase in website numbers over the last 20 years and the increase in cyber losses;
- Why governments building offensive security capabilities incentivized ignoring defensive security;
- How some of the biggest players in industry are their own worst enemy when it comes to security;
- His thesis for how we can get out of the seemingly insurmountable web of vulnerabilities.