View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 27, 2018updated 11 Jul 2022 4:19am

Public Key Infrastructure Use Soars: But Who’s In Charge?

42 percent of IoT devices will use digital certificates for authentication in the next two years, the report said.

By jonathan chadwick

Rapid growth in IoT device usage is behind a sharp rise in deployment of applications that use public key infrastructure (PKI), according to a new report from Thales and the Ponemon Institute, with the UK leading the way.

But “ownership” of PKI (a set of hardware, software, policies, processes, and procedures required to create, manage, distribute, use, store, and revoke digital certificates and public-keys) remains a major hurdle for adoption.

The 2018 Global PKI Trends Study presents survey results of 1,600 IT and security practitioners in 12 countries, including the UK, the US, Australia, Brazil, and Japan.

It found that 70 percent of respondents believe there is no one function responsible for managing PKI; by far the top challenge year after year.

Thales said: “This lack of clear ownership is not in line with best practices, which assume as a baseline a sufficient degree of staffing and competency to define and maintain the process and procedures on which a modern PKI depends.”

IoT Use Soars

Fourty-four percent of applications were using PKI, up from 21 percent in 2015. IoT was the only factor to have risen this year, while both cloud services and consumer mobile dropped. PKI provides core authentication technology that’s crucial for IoT applications.

“In previous years, we highlighted PKI as an established technology positioned to tackle the authentication needs and challenges to support the rise of cloud applications,” said Larry Ponemon, fouder of the privacy firm.LTE

“Now, the C-suite is challenging its teams to leverage IoT to improve and drive business. With this comes the increased risk of more endpoints to protect, and the need to understand the role of PKI as a critical enabler.

Content from our partners
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system
How tech leaders can keep energy costs down and meet efficiency goals

Manufacturing Driver of Public Key Infrastructure Usage

The industrial and manufacturing sector was behind much of the growth of PKI usage, with an average of 43,000 certificates under management.

Of the respondents in this sector who described how their organisation’s enterprise PKI is deployed, 54 percent cited an internal certificate authority (CA), 30 percent an externally hosted private (CA), 34 percent a public CA service, and 24 percent a private CA running within a public cloud.

The financial services sector reported the highest proportion of internal corporate CA deployment, at 72 percent.

IoT Security: Increase in PKI for Secure Network

Organisations are applying stronger PKI security, hiring PKI specialists, and investing in additional security controls such as multi-factor authentication. 49 percent of respondents said they either extensively or partially encrypt their IoT device data.

“For safe, secure IoT deployments organisations need to embrace time-tested security techniques, like PKI, to ensure the integrity and security of their IoT systems,” added senior director security strategy at Thales.

Gartner predicts IoT security spending will double by 2021 to match the surge in connected devices. That figure is set to hit $1.5 billion globally this year, the firm added.

IoT security is still an afterthought for IT leaders, however, according to Trend Micro. Only 53 percent of IT and security decision makers regard IoT as a security risk, it claims.

Read this: Cisco “Small and Mighty” Report Highlights SME Vulnerability

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU