Identity & AccessPress Release

New Research Shows That Legacy PKI Puts Digital Identities at Risk

PKI Security Under Pressure from Growing Numbers of Machine and Workload Identities

CyberArk, the global leader in identity security, has announced the findings of a new report: Trends in PKI Security: A Global Study of Trends, Challenges & Business Impact. Conducted by Ponemon Institute, a leading independent research firm, the CyberArk-commissioned research analyses perspectives from nearly 2,000 IT and security practitioners globally on the state of public key infrastructure (PKI) security. It reveals that outdated PKI systems are the leading barrier to secure certificate management, fuelling security exploits in 60% of organisations.

PKI is a system for creating and managing digital certificates that verify the identities of users and devices. Modern identity demands—driven by the rise of machine and workload identities across cloud native and zero trust environments—have resulted in unprecedented certificate growth and complexity.

Legacy PKI Systems and Rapid Certificate Growth Are Hidden Cost Drivers

The report shows that PKI remains essential for secure digital identity, but legacy systems with fragmented approaches and manual, human-led processes cannot keep up with today’s certificate needs. Without a modern, automated approach, the gap between certificate demand and organisational capacity will only widen, leaving organizations facing resource constraints and increased operational costs.

  • 34% of organisations cite legacy PKI costs and risks as the top barrier to secure PKI.
  • On average, organisations oversee more than 114,000 internal certificates but have only four full-time staff dedicated to PKI management.

  • 63% are forced to outsource PKI management due to resource and expertise shortages.

Manual Processes Amplify Security Risks

Manual tracking and renewal processes are both inefficient and potentially risky for organisations, causing costly services disruption and security exploits.

  • 56% have suffered unplanned outages due to expired certificates or configuration errors.
  • 60% experienced security exploits as a result of weak cryptography.
  • 58% suffered third-party certificate authority (CA) compromises.
  • 43% experienced server private key theft.

“The rapid expansion of machine identities has completely changed the PKI operating model. The complexity of managing an increasing number of certificates is compounded by legacy systems, manual processes and resource constraints,” said Kurt Sand, GM of Machine Identity Security at CyberArk. “As certificate volumes grow and certificate lifespans continue to shrink, the financial and operational impact of unmanaged PKI will escalate rapidly. Now is the time for organisations to automate and modernize their PKI to reduce operational burdens and improve their overall security posture.”

Unified Visibility and Automation Boost PKI Effectiveness

The report finds that overall confidence in compliance and security is low. Organisations investing in automation and unified visibility see reduced operational burdens, fewer outages and better levels of PKI compliance.

  • Only 46% of organisations are highly confident that their PKI can meet compliance requirements, and less than half (48%) are certain that their PKI is effective against cyberattacks or internal threats.
  • Organisations with high confidence in their PKI compliance are more likely to have unified visibility into their certificate inventory (75% vs. 47% overall). Most (61%) of these organisations have adopted AI as part of their PKI strategy, against 50% of the overall sample.

“PKI is critically important to ensuring trust, security and privacy in digital communications. However, as shown in the research, organisations lack confidence in the ability of PKI to protect against security threats and keep up with their growing devices and workload demand,” said Dr Larry Ponemon, Chairman and Founder of Ponemon Institute. “To increase PKI’s effectiveness, I believe more companies will be adopting AI to reduce operational burdens and have stronger security outcomes.”

To download the full report and access additional study findings, visit https://www.cyberark.com/resources/analyst-reports/ponemon-institute-trends-in-pki-security-a-global-study-of-trends-challenges-business-impact.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *