Intelligent CISO Issue 95 | Page 31

PKI SECURITY

New research shows that legacy PKI puts digital identities at risk, with 56% of organisations experiencing services disruption

CyberArk, a global leader in identity security, has announced the findings of a new report, Trends in PKI Security: A Global Study of Trends, Challenges & Business Impact.
Conducted by Ponemon Institute, the CyberArk-commissioned research analyses perspectives from nearly 2,000 IT and security practitioners globally on the state of public key infrastructure (PKI) security. It reveals that outdated PKI systems are the leading barrier to secure certificate management, fuelling security exploits in 60% of organisations.
PKI is a system for creating and managing digital certificates that verify the identities of users and devices. Modern identity demands – driven by the rise of machine and workload identities across cloud-native and zero-trust environments – have resulted in unprecedented certificate growth and complexity.
Legacy PKI systems and rapid certificate growth are hidden cost drivers
The report shows that PKI remains essential for secure digital identity, but legacy systems with fragmented approaches and manual, human-led processes can’t keep up with today’s certificate needs. Without a modern, automated approach, the gap between certificate demand and organisational capacity will only widen, leaving organisations facing resource constraints and increased operational costs.
Thirty-four percent of organisations cite legacy PKI costs and risks as the top barrier to secure PKI. On average, organisations oversee more than 114,000 internal certificates but have only four full-time staff dedicated to PKI management, with 63% forced to outsource PKI due to resource and expertise shortages.
Manual processes amplify security risks
Manual tracking and renewal processes are both inefficient and potentially risky, causing costly service disruption and security exploits. Fifty-six percent of organisations have suffered unplanned outages due to expired certificates or configuration errors, while 60% experienced security exploits because of weak cryptography. In addition, 58% suffered third-party certificate authority compromises and 43% experienced server private key theft.
“The rapid expansion of machine identities has completely changed the PKI operating model,” said Kurt Sand, GM of Machine Identity Security at CyberArk. “As certificate volumes grow and certificate lifespans continue to shrink, the financial and operational impact of unmanaged PKI will escalate rapidly.”
Unified visibility and automation boost PKI effectiveness
The report finds that confidence in PKI compliance and security remains low. Only 46% of organisations are highly confident their PKI can meet compliance requirements and less than half believe it is effective against cyberattacks. Organisations with high confidence are more likely to have unified visibility into their certificate inventory and to have adopted AI as part of their PKI strategy.
“PKI is critically important to ensuring trust, security and privacy in digital communications,” said Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute. “To increase PKI’s effectiveness, more companies will adopt AI to reduce operational burdens and achieve stronger security outcomes.”