• About
  • Subscribe
  • Contact
Wednesday, May 7, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

PKI drivers, restraints, opportunities, and challenges in 2022

Allan Tan by Allan Tan
November 12, 2021
Photo by cottonbro from Pexels

Photo by cottonbro from Pexels

Public Key Infrastructure (PKI) is a process of authorizing data sharing or transactions between sender and receiver by providing protection with public and private keys that are approved by central authorities with the help of digital certificates.

The foundations of PKI came out in 1976 when Whitfield Diffie and Martin Hellman published a method of securely exchanging cryptographic keys over a public channel. Fast forward to 45 years later, is PKI still relevant?

It might seem so given that MarketsandResearch forecasts the PKI market to grow to US$9.8 billion by 2026, up from US$3.9 billion in 2021.

The major driving factors contributing to the high growth rate of the PKI market include an increasing adoption rate of PKI solutions and services, the increasing trust in online sellers and customers, increasing instances of malware and file-based attacks, rising concerns pertaining to loss of critical data, the surge in the adoption of IoT and cloud trends, and stringent mandatory regulations and compliances.

Brian Trzupek

In an exclusive with FutureCIO, Brian Trzupek, senior vice president of Product at DigiCert, revisits the evolution of PKI use in modern times.

What is PKI automation?

Brian Trzupek: As organisations move towards digital transformation, the more they rely on PKI and digital certificates to ensure trust and protect sensitive data. But managing PKI is quickly becoming impossible to do manually and more companies are looking at automating their PKI management.

PKI automation describes the range of processes and tools to manage PKI certificates and key life cycles that reduce the need for human intervention. The main objective is to minimise the monotonous tasks related to managing digital certificates, reducing human error, and freeing teams to focus on higher-level activities.

Some aspects that can be automated are certificate request, renewal, validation, alerts or revocation, allowing companies to simplify their PKI security, reduce costs and save time. Essentially, PKI automation looks to automate and improve the efficiency of certificate management workflows at key points during the certificate lifecycle.

In the context of cybersecurity, why would I need PKI automation, where is it applied?

Brian Trzupek: A typical enterprise in APAC is currently managing over 40,000 security certificates, according to DigiCert's report, 2021 State of PKI Automation. This is a sharp increase from previous years, and there is evidence that this rise comes with its share of cybersecurity risks including data breaches, non-compliance issues and service outages.

Source: PKI Automation leading security priorities in APAC in 2021, Digicert, 2021

Two-thirds of these enterprises have experienced outages caused by certificates expiring unexpectedly, and 35% experienced five to six such outages in the past six months, according to data from the survey.

This may result in organisations being faced with reputational damage as well as an impact on customer trust and relationships, as well as revenue. PKI automation, thus, helps to reduce the likelihood of cyber-attacks by bolstering security systems against threats.

PKI automation can be applied to all use cases in which PKI is used including web servers, server certificates, user certificates, mobile devices, email, digital documents signing as well as DevOps apps and services.

Maybe this is repeating from #2, but can you name some use cases for PKI automation applicable to Asia?

Brian Trzupek: Within Asia, business continues to move online, whether it be banking, real estate, remote working accelerated by the pandemic, or the growth of smart devices often referred to as the Internet of Things (IoT).

According to a new McKinsey Global Survey of executives, companies in Asia have accelerated the digitisation of customer interactions by four years, and the share of products and services that are digital in nature by over ten years, over the course of the Covid-19 pandemic.

This acceleration outpaces the global average of three years and seven years respectively. Digital transformation is happening in Asia and is leading to digital-first business processes.

Everything from employees accessing the corporate network and associated applications such as sales systems, customer information and work email requires authentication and encryption that PKI can provide. Similarly, a unique digital certificate is required for each user, each client, each IoT device (business or consumer).

A unique code signing certificate should be used for each software code commit during the testing and build process, prior to and at production, for any company building or integrating software into its digital services.

IoT devices use code signing certificates as well to prevent unauthorized or malicious code from running on the device or corrupting it. PKI digital certificates also authenticate devices to the network and can be inserted upon device manufacturing to provide a “device birth certificate.”

For email, digital certificates allow emails to be signed and associated with each user in the network to prevent spoofs.

In many of these enterprise use cases, digital certificates can be automated to interact with IT team policy and automatically deploy while providing visibility into important certificate management milestones, such as renewal and revocation. This can help prevent certificate expiration that may shut down online services.

Automated PKI management can play a key role in avoiding the negative consequences of certificate failures while providing actionable intelligence to organization security teams to manage effectively.

What are the top 3 misconceptions around automating PKI certificate lifecycle management?

Brian Trzupek: Firstly, some IT leaders believe that PKI management does not provide value as they view it as a back-support and administrative tool with minimal impact.

However, digital transformation has caused PKI to come to the forefront as it acts as a cornerstone for websites, servers, applications as well as upcoming technologies like IT.

Organisations are, thus, increasingly using PKI management strategically so that their security systems are scalable and able to support them in the future.

Next, many take an “if it ain’t broke don’t fix” approach to PKI management, thinking that manual PKI certificate lifecycle management is working for them.

However, in an increasingly complex certificate ecosystem, manual PKI management brings many dangers as the scale and complexity of keeping certificates secure can quickly take a toll on IT departments. For example, an IT team can easily miss an expired certificate leading to time-consuming repairs and potential outages.

Finally, some believe that PKI automation is an overly complicated process that is not worth the effort or worry about unintentional security concerns brought about by automation.

Are all PKI automation tools equal?

Brian Trzupek: Not all PKI automation tools are equal as providers offer different features and proprietary technologies that aim to simplify and improve systems and processes. Organisations should, thus, choose PKI automation tools that best address their challenges and concerns.

Many organisations are looking for centralisation with certificate issuance and management available from the same provider.

Some features not included by all providers include IP-Based Scanning, APIs, remote management of load balancers and scheduling capabilities that could also act as a differentiating factor.

Checklist of things to evaluate PKI automation tools and services against?

Brian Trzupek: In general, organisations should look for tools and services that automate tasks that are repetitive, manual, have high volume, are time-sensitive and are prone to human error:

  • Renewing or requesting new certificates to save time and stress on this tedious process.
  • Validation and approval processes can be automated so that all future certificate issuance and renewals can be done almost immediately.
  • Alerts for certain events, so that IT teams are kept posted on important certificate management activities.
  • Once an issue is encountered, the renewal and installation to resolve the issues quickly and efficiently should also be automated.
  • Finally, using a code signing manager, development teams can automate code signing with built-in API integration to pre-plan and approve signature windows for secure releases and updates.

With all these points checked and ready, organisations can be sure that their automation tools are robust and comprehensive.

However, it is also important to know what not to automate. We don’t recommend automating tasks that require human intervention and key decision makings, such as customer support, tasks that have low ROI or complex processes that need to pass through multiple approval levels and decision-making.

Related:  Why FinOps matters
Tags: cryptographic key managementDigiCertMckinsey & CompanyPKIPKI automation
Allan Tan

Allan Tan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe