New research shows Cloud and IoT adoption requires organisations to future-proof PKI implementations
Thales and Ponemon Institute research confirms organisations' biggest PKI challenge is inability of existing infrastructure to support new applications
More than 5000 business and IT managers were surveyed in 11 countries: US, UK, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, India, and for the first time this year the Middle East (Saudi Arabia and United Arab Emirates), with the aim of better understanding the use of PKI within organisations.
- 62% of businesses regard cloud-based services as the most important trend driving the deployment of applications using PKI (50% in 2015) and over a quarter (28%) say IoT will drive this deployment
- PKIs are increasingly used to support more and more applications. On average they support eight different applications within a business – up one from 2015, but in the United States this number went up by three applications
- The most significant challenge organisations face around PKI is the inability of their existing PKIs to support new applications (58% of respondents said this)
- Worryingly, a large percentage of respondents continue to report that they have no certificate revocation techniques
- The use of high assurance mechanisms such as hardware security modules (HSMs) to secure PKI has increased
- The top places where HSMs are deployed to secure PKIs are for the most critical root and issuing certificate authority (CA) private keys together with offline and online root certificate authorities
As organisations digitally transform their business, they are increasingly relying on cloud-based services and applications, as well as experiencing an explosion in IoT connected devices. This rapidly escalating burden of data sharing and device authentication is set to apply an unprecedented level of pressure onto existing PKIs, which now are considered part of the core IT backbone, resulting in a huge challenge for security professionals to create trusted environments. In short, as organisations continue to move to the cloud it is hugely important that PKIs are future proofed – sooner rather than later.”
John Grimm, senior director security strategy, Thales e-Security, says:
“An increasing number of today’s enterprise applications are in need of digital certificate issuance services — and many PKIs are not equipped to support them. A PKI needs a strong root of trust to be fit for purpose if it is to support the growing dependency and business criticality of its services. By securing the process of issuing certificates and managing signing keys in an HSM, organisations can greatly reduce the risk of their loss or theft, thereby creating a high assurance foundation for digital security. Thales has decades of experience providing HSM-based PKI solutions and services that help organisations deploy world-class PKIs and trusted infrastructures.”
Download your copy of the new 2016 PKI Global Trends Study: http://go.thales-esecurity.com/2016GlobalPKITrends
For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs
Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube
THALES - e-Security
Thales e-Security + Vormetric have combined to form the leading global data protection and digital trust management company. Together, we enable companies to compete confidently and quickly by securing data at-rest, in-motion, and in-use to effectively deliver secure and compliant solutions with the highest levels of management, speed and trust across physical, virtual, and cloud environments. By deploying our leading solutions and services, targeted attacks are thwarted and sensitive data risk exposure is reduced with the least business disruption and at the lowest life cycle cost. Thales e-Security and Vormetric are part of Thales Group. www.thales-esecurity.com
Thales is a global technology leader for the Aerospace, Transport, Defence and Security markets. With 62,000 employees in 56 countries, Thales reported sales of €14 billion in 2015. With over 22,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most complex security requirements. Its exceptional international footprint allows it to work closely with its customers all over the world.
Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. Thales solutions secure the four key domains considered vital to modern societies: government, cities, critical infrastructure and cyberspace.
Drawing on renowned cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for defense, governmental bodies, critical infrastructures operators, communication, industrial and financial companies. With a presence throughout the information security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting and audits, data protection, digital trust management, cybersecured sytem design, development, integration, certification and through-life management to cyber-threat intelligence, intrusion detection and security supervision with Security Operation Centres in France, the United Kingdom, The Netherlands and soon in Hong Kong.