One of the ways to turn a pleasant dinner conversation among CISOs and risk managers into a philosophical battleground is to introduce the topic of key rotation, which is defined as the process of decrypting data with an old key and re-keying the data with a new one.rnThere are many conflicting ideas about how much key rotation is necessary, how far it should go, and how often it should be done. But it's easier than you think.rnModern approaches to key rotation and a better understanding of security threat models enable you to establish a good balance between practicalities while maintaining good security principles.
展开▼
