In a connected world, awareness creates opportunities.
Things become smart when they connect – to the internet, other devices, platforms, and people. But, as the 2022 Global PKI and IoT Trends study indicates, without the right resources to secure and manage those connections, many organizations are struggling to achieve PKI maturity so they can take advantage.
The findings are clear
This year’s study, conducted by Ponemon Institute and sponsored by Entrust, surveyed over 2,500 IT professionals – ranging from CISOs and CIOs to IT security managers – in 17 countries on their organizations’ PKI practices, applications, and pain points. The findings show that the top challenges for deploying and managing PKI remain constant: no clear ownership, insufficient resources, and insufficient skills.
Topics of the study include:
- Challenges in achieving PKI maturity
- Trends in managing IoT devices
- PKI and IoT best practices
- Global analysis
Watch and learn
Get an overview of some of the most important findings from this year’s study from our informative video series.
Video 2: What security perimeter?
It's a never-ending resource challenge.
As digital transformation accelerates and the number of machine identities grows, the challenge of insufficient resources continues to be top of mind for IT leaders. In fact, it seems to be increasing in significance, with 64% of respondents citing this as one of their biggest challenges in enabling applications to use PKI.
Endless potential. Limited access to skills.
For the eighth year in a row, limited access to skills was cited as one of the biggest challenges enabling applications to use PKI. As the complexity of PKI use cases evolves, overcoming a shortage of skilled IT professionals holds steady as a strategic imperative for how organizations can ensure everything is properly secured.
No clear ownership? No clear PKI management.
Another challenge that IT leaders continue to face is a lack of clear ownership of all the certificates that must now be deployed to secure increasingly complex use cases. Considering PKI is a cornerstone of IT security, and a digital business enabler, this raises a lot of concerns for PKI preparedness for today and the future.
A new frontier brings new uncertainty.
IoT and machine identities are top of mind for organizations, with 33% of respondents citing new applications like IoT as a cause for the most change and uncertainty. With the number of machine identities on the rise and the complexity of short-life certificates that is common in IoT, it is no wonder IT leaders are concerned.
Security perimeters are getting cloudier.
One of the top trends driving the deployment of applications that use PKI is the cloud. With the security perimeter having moved from the data center to more complex landscapes, IT leaders are faced with ensuring security without making compromises even though there are shortages of skills and resources.
HSMs are a best practice that most follow.
Hardware security modules are the best practice for managing keys, with 37% of organizations using them. But a slight increase in the use of software key stores to 13% this year from 10% the year before suggests that not all organizations are doing what's best to maintain control and visibility over their security.
A comprehensive solution for scalable security, with trusted signature, encryption, and identity - from the leading PKI provider.
Entrust PKI as a Service
Enable highly available, scalable, turnkey PKI that deploys within minutes.
Entrust Hardware Security Modules (HSMs)
Our cryptographic solutions not only protect your data, but secure emerging technologies such as cloud, PKI, IoT, blockchain, and digital payments.
Entrust nShield as a Service
Get easy, efficient access to cryptography as a service for PKI and more.
Entrust IoT Security
Seamlessly secure IT and OT devices through scalable machine and user identity management.
Entrust Certificate Hub
Find, control, and automate the management of your certificates from one powerful portal.
Entrust Machine Identity Management
Enable centralized visibility, control, and management of machine endpoints and their supporting infrastructure.