Expert on Report: Mismanaged Key & Digital Certificates

It was recently reported that the majority of organisations (73%) continue to experience unplanned downtime and outages due to mismanaged digital certificates. More than half of respondents (55%) have experienced more than 4 certificate-related outages in the past 24 months alone according to this research.

Two-thirds of respondents say their organization is adding additional layers of encryption to comply with industry regulations and IT policies; however, shorter certificate validity has doubled the management workload on short-staffed IT and security teams,” notes the study. An estimated average of 88,750 keys and certificates are used by organizations today to secure data and authenticate systems. However, 74 percent of respondents believe their organizations do not know exactly how many keys and certificates (including self-signed) they have, much less where to find them or when they expire. Furthermore, 76 percent of respondents say that failure to secure keys and certificates undermines the trust their organization relies upon to operate.


EXPERTS COMMENTS
Baan Alsinawi, Managing Director,  Cerberus Sentinel
February 13, 2020
Our assessments of various clients and government agencies confirm these findings.
Our assessments of various clients and government agencies confirm these findings. Add that NIST requires FIPS 140-2 encryption, and you add another layer of complexity and confusion to long term management of the various SSL keys, self signed certifictes, PKI if used. Changing the keys upon expiration mostly takes people by surprise since they are not prepared and suddenly critical functions a ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article