Organizations Are Unprepared for the Shift to 90-Day TLS Certificates and Post-Quantum Cryptography, New Venafi Research Reveals

Venafi, the leader in machine identity security, today released a new research report, Organizations Largely Unprepared for the Advent of 90-Day TLS Certificates. The report examines organizations’ ...

Autore: Business Wire

Majority of Security Leaders Believe Shorter Certificate Lifespans Will Leave Many Companies Blindsided, With More Outages “Inevitable”

SALT LAKE CITY: Venafi, the leader in machine identity security, today released a new research report, Organizations Largely Unprepared for the Advent of 90-Day TLS Certificates. The report examines organizations’ current state of preparedness to transition to new machine identity standards, including shorter certificate lifecycles and post-quantum cryptography.

A survey of 800 security decision-makers across the U.S., UK, Germany and France revealed that more than three-quarters (76%) of security leaders recognize the pressing need to move to shorter certificate lifespans to improve security. However, many feel unprepared to take action, with 77% saying the shift to 90-day certificates will mean more outages are inevitable.

Additional highlights from the survey findings include:

“We recently lived through the world’s greatest IT outage – the CrowdStrike update outage was an error and unexpected. Security teams know they will be hit with major risks when new outages occur from what they love to hate: more expiring certificates,” said Kevin Bocek, chief innovation officer at Venafi. “Shifting to shorter certificate lifecycles significantly reduces these risks and is a necessary move. However, this can also bring more chaos for security teams – and it’s a double whammy with Entrust being distrusted in Chrome. There aren’t just canaries in the coal mine; there are groundhogs in every cloud, virtual machine and Kubernetes cluster. It’s not just one software update vendor; it’s the entire Internet as we know it.”

The introduction of 90-day certificates means organizations will need to renew their certificates five times more often than they do now – quintupling the effort needed. The survey reveals this will be a major challenge for businesses for two reasons:

Similar challenges exist with quantum. Sixty-seven percent of survey respondents believe shifting to post-quantum cryptography will be a nightmare, as they don’t know where all their keys and certificates are. Looking at the specific challenges these shifts present, the potential speed of the migration, scale and cost, as well as lack of internal skills and knowledge were cited as the top three concerns. However, 86% say taking control of the management of keys and certificates is the best way to prepare for future quantum risks.

“There’s great news: from 90-day certificates to replacing distrusted CAs to making the transition to post-quantum, security teams today have machine identity security capabilities they didn’t have available just a few years ago. Security teams can get certificate lifecycle management (CLM), PKI-as-a-service and workload identity issuers all on one control plane now,” Bocek concludes. “The business case is simple for making sure 90-day certificate lifetimes don’t wreak havoc. We know the problem is coming, unlike the last major IT outage, and the automation we put in place with machine identity security gets us ready for the post-quantum future, the next CA distrust and running in whatever cloud our developers choose.”

To read the full report, visit https://venafi.com/lp/organizations-largely-unprepared-for-the-advent-of-90-day-tls-certificates/.

Additional Resources:

About Venafi

Venafi is the cybersecurity market leader in machine identity security. From the ground to the cloud, Venafi solutions manage and protect identities for all types of machines—from physical and IoT devices to software applications, APIs and containers. Venafi provides global visibility, lifecycle automation and actionable intelligence for all machine identity types and the security and reliability risks associated with them.

With more than 30 patents, Venafi delivers innovative machine identity security solutions for the world's most demanding, security-conscious organizations and government agencies, including the top five U.S. health insurers, top five U.S. airlines, top four payment card issuers and top four U.S. banks. As a leading provider of open source machine identity security solutions, Venafi is the creator of the open source cert-manager project, which is downloaded more than 1.5 million times a day. For more information, visit https://venafi.com/.

Fonte: Business Wire


Visualizza la versione completa sul sito

Informativa
Questo sito o gli strumenti terzi da questo utilizzati si avvalgono di cookie necessari al funzionamento ed utili alle finalità illustrate nella cookie policy. Se vuoi saperne di più o negare il consenso a tutti o ad alcuni cookie, consulta la cookie policy. Chiudendo questo banner, acconsenti all’uso dei cookie.