Welcome to the second annual State of Machine Identity Management
report, an in-depth look at the role of public key infrastructure (PKI), keys,
and digital certificates in securing IT organizations across EMEA and
North America.
About the Report
1,231 Respondents
12+ Industries
2 geo-regions
As your digital footprint expands,
how do you establish trust?
Findings from this year’s report make one thing clear: PKI and machine
identities are essential building blocks to digital trust as organizations
accelerate their path to multi-cloud, zero-trust, and DevOps strategies.
The use of PKI and machine IDs is quickly expanding.
IT organizations increasingly rely on PKI, crytographic keys, and digital certificates to securely connect users, machines, and applications across their IT environment.
There’s just one problem: machine ID sprawl.
At the same time, however, companies are struggling to manage their growing PKI and machine identity landscape, and the challenges are getting more complex.
Here's what's top of mind for IT and security pros
66% Are deploying more keys and digital certificates across their IT landscape
55% Rank zero-trust strategy as a top driver of PKI, keys, and certificates
57% Rank crypto agility as a top strategic priority for digital security
41% Say skills shortage is a top inhibitor to building a proper crypto strategy
70% Say growth of keys and certificates has increased operational burden
61% Say theft or misuse of machine identities is a serious problem
Download the full
2022 report
Discover more in-depth insights into the PKI and machine
identity landscape.
Key risks and challenges
Outages are becoming more
disruptive.
As shorter SSL/TLS certifcate lifespans become the new norm,
the frequency and impact of outages caused by untracked or
expired certificates has reached an all-time high.
81% Experienced multiple disruptive outages due to expired certificates in the past 24 months
3.3Hrs Average time it takes organizations to respond and remediate a certificate-related outage
6.4FTE Average number of full-time equivalents (FTE) involved in deploying and managing PKI
50% Of organizations say they don’t have enough personnel dedicated to their PKI deployment
Skills shortage inhibits
PKI success.
Public key infrastructure (PKI) is widely used by
organizations for authentication, signing and encryption.
However, it’s difficult to find and retain expertise to deploy
and manage PKI.
The root of the problem
PKI and cryptography are used as commodities, deployed and managed
by different teams to solve specialized use cases without a centralized
strategy for machine identity management.
Still use spreadsheets to manually
track certificates
Use self-signed certificates that
can create serious risk
Have no formal access controls
for code signing keys
Have no centralized management
for SSH keys