State of Machine
Identity Management 2022

Scroll for highlights

About the Report

Welcome to the second annual State of Machine Identity Management
report, an in-depth look at the role of public key infrastructure (PKI), keys,
and digital certificates in securing IT organizations across EMEA and
North America.

1,231 Respondents
12+ Industries
2 geo-regions

As your digital footprint expands,
how do you establish trust?

Findings from this year’s report make one thing clear: PKI and machine
identities are essential building blocks to digital trust as organizations
accelerate their path to multi-cloud, zero-trust, and DevOps strategies.

Use of PKI and machine IDs is quickly expanding.

IT organizations increasingly rely on PKI, crytographic keys, and digital certificates to securely connect users, machines, and applications across their IT environment.

PKI and machine IDs
machine ID sprawl

There’s just one problem, machine ID sprawl.

At the same time, however, companies are still struggling to manage their growing PKI and machine identity landscape, and the challenges are getting more complex.

Findings you should know about

66% Are deploying more keys and digital certificates across their IT landscape
55% Rank zero-trust strategy as a top driver of PKI, keys, and certificates
57% Rank crypto agility as a top strategic priority for digital security
41% Say skills shortage is a top inhibitor to building a proper crypto strategy
70% Say growth of keys and certificates has increased operational burden
61% Say theft or misuse of machine identities is a serious problem

Download the full
2022 report

Discover more in-depth insights into the PKI and machine
identity landscape.

Key risks and challenges

Outages are becoming more
disruptive.

As shorter SSL/TLS certifcate lifespans become the new norm,
the frequency and impact of outages caused by untracked or
expired certificates has reached an all-time high.

81% Experienced multiple disruptive outages due to expired certificates in the past 24 months
3.3Hrs Average time it takes organizations to respond and remediate a certificate-related outage
6.4FTE Average number of full-time equivalents (FTE) involved in deploying and managing PKI.
50% Of organizations say they don’t have enough personnel dedicated to their PKI deployment.

Skills shortage inhibits
PKI success.

Public key infrastructure (PKI) is widely used by
organizations for authentication, signing and encryption.
However, it’s difficult to find and retain expertise to deploy
and manage PKI.

The root of the problem

PKI and cryptography are used as commodities, deployed and managed
by different teams to solve specialized use cases without a centralized
strategy for machine identity management.

Still use spreadsheets to manually
track certificates

Use self-signed certificates that
can create serious risk

Have no formal access controls
for code signing keys

Have no centralized management
for SSH keys

Get the full 2022 report