The use of PKIs and digital certificates in companies has never been as high as it is today – but the skills required to manage a PKI are also at a historically low level.
This is the conclusion of a study conducted by the Ponemon Institute on behalf of Entrust. The Global PKI and IoT Trends Study 2021 finds that IT professionals continue to view a lack of clear responsibilities, resources, and competencies as the biggest challenge in PKI deployment and management.
As the heart of a company-wide IT infrastructure, PKI enables securing critical digital initiatives – including, for example, the cloud, mobile usage, identity management and the Internet of Things (IoT). So it’s the key to digital change – which is becoming particularly evident, not least in the context of the global pandemic and its impacts on many business processes.
Motivations and challenges when introducing PKI
When it comes to the top drivers driving the adoption of PKI applications, the Internet of Things (IoT) remains the fastest growing region at 47%. Cloud-based services were ranked as the second most important driver by 44% of respondents, while mobile applications came in third with 40%.
71% of respondents cited the lack of clear responsibilities as the biggest challenge to PKI use and management. This trend has held steady over the past five years – indicating that this point is a major problem for many companies.
Inadequate resources and inadequate skills were ranked second and third in importance with 51% and 46%, respectively. When using a PKI, existing PKIs that are unable to support new applications (55%) and insufficient skills (46%) again cause the biggest problems.
Areas with the greatest anticipated change and associated uncertainty include the Internet of Things in the first place (for 41% of respondents), second and third were external mandates and standards (37%) as well as changes to the Public Key Infrastructure (PKI). ). The mentioned techniques (27%).
Dr. said. Larry Ponemon, Chairman and Founder of The Ponemon Institute. “We see the risk of these issues exacerbating and there are vulnerabilities in corporate security systems. If you think that IT infrastructures are becoming increasingly distributed due to remote working, the cloud, and the Internet of Things, it becomes clear that many businesses also need more Transparency, automation, and central control.”
Please confirm your email address!
Click the link in the email we just sent you. Also check your spam folder and whitelist us.
More information about the newsletter.
Rise in machine identities
TLS/SSL certificates for publicly accessible sites and services are the most cited use case for PKI credentials (81% of respondents). Private networking and VPN apps come in second (67%) and email secure third (55%). Last year, public cloud applications and employee authentication ranked second and third, respectively. This move underscores the shift in focus on ensuring the security of remote workers and distributing IT workloads.
According to the study, the average number of certificates issued or acquired by companies continues to rise – by 4.3% (from 56,192 in 2020 to 58,639 today). Rather, the number has increased by 50% since 2019. While the number of human identities to be secured has remained relatively constant in recent years, this year the number of machine identities (devices and workflows) is outpacing human identities for the first time. This growth is mainly due to the increasing use of the Internet of Things and cloud services.
Regardless of the reasons for the increase, as certifications increase, their responsible management becomes more and more important. However, a fifth (20%) of all respondents use a manual list to revoke certification, and nearly a third (32%) admit that there is no procedure for this. These companies are vulnerable to attack and serious system failure – which in turn can cause business disruption and associated costs.
said John Metzger, Vice President of Product Marketing, Digital Security at Entrust. Meanwhile, the skills and resources required to deploy and manage a PKI remain scarce – a problem compounded by the lack of clear regulatory responsibility for PKI deployment. To deal with this complexity, companies first need a strategy, and secondly, the right products. At Entrust we can do both, as we have not only the technological skills, but also many years of experience and knowledge in the field.”
You can find a full one here Global Study on Public Key Infrastructure and Internet of Things Trends 2021.
Global PKI and IoT Trends 2021 Study Methodology:
The annual ‘Entrust Global PKI and IoT Trends Study’ is conducted by pollsters from the Ponemon Institute and is based on the opinions of more than 1,900 IT security experts in 17 countries: Australia, Brazil, France, Germany, Hong Kong, Japan, Mexico, the Near East (Saudi Arabia United Arab Emirates), the Netherlands, the Russian Federation, Spain, Southeast Asia, South Korea, Sweden, Taiwan, the United Kingdom, and the United States.
“Communicator. Entrepreneur. Introvert. Passionate problem solver. Organizer. Social media ninja.”