PKI is a system for creating and managing digital certificates that verify the identity of users and devices. With the growth of machine and workload identities in cloud-native and zero-trust environments, the demands for identity have significantly increased. This has led to an unprecedented number of certificates and a substantial increase in complexity.
Legacy PKI systems and the rapid growth of certificates lead to hidden costs
The research shows that PKI remains essential for a secure digital identity, but legacy systems with fragmented practices and manual processes cannot meet current certificate needs. Without a modern, automated approach, the gap between the demand for certificates and the capacity of organizations will only widen, leading organizations to face limited resources and higher operational costs.
- 40% of European organizations cite the costs and risks of legacy PKI as the biggest barrier to secure PKI;
- On average, organizations manage more than 114,000 internal certificates but have only four full-time employees for PKI management;
- 55% of European organizations are forced to outsource PKI management due to a lack of resources and expertise.
Also read: AWS launches AWS European Sovereign Cloud
Manual processes increase security risks
Manually tracking and renewing certificates is both inefficient and potentially risky for organizations, and can lead to costly service disruptions and security exploits.
- 57% of European organizations have experienced unplanned outages due to expired certificates or configuration errors;
- 60% encountered security exploits due to weak cryptography;
- 58% faced breaches at external certificate authorities (CAs);
- 44% experienced theft of private keys from servers.
'The rapid growth of machine identities has completely changed the PKI operating model. Managing an ever-increasing number of certificates is complicated by legacy systems, manual processes, and limited resources,' said Kurt Sand, GM of Machine Identity Security at CyberArk. 'As certificate volumes increase and the lifespan of certificates becomes shorter, the financial and operational impacts of unmanaged PKI are rising rapidly. This is the time for organizations to modernize and automate their PKI, so operational burdens decrease and overall security improves.'
Also read: The future of detection engineering
Clear overview and automation enhance PKI effectiveness
The research shows that overall confidence in compliance and security is low. Organizations that invest in automation and ensure a clear overview experience less operational burden, fewer disruptions, and a higher level of PKI compliance.
- Only 46% of global organizations are confident that their PKI meets compliance requirements, and less than half (48%) trust that their PKI is effective against cyberattacks or internal threats;
- Globally, organizations with high confidence in their PKI more often have a complete overview of their certificates: 75% of them compared to 47% of all organizations. They also more frequently use AI as part of their PKI strategy (61% versus 50%).
'PKI is crucial for ensuring trust, security, and privacy in digital communication. However, the research shows that organizations have little confidence in PKI's ability to protect against security threats and keep up with the growing demand from devices and workloads,' said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. 'To enhance the effectiveness of PKI, I expect more companies to leverage AI to reduce operational burdens and improve their security outcomes.'
