Articles about Certificate management

The radical shortening of SSL/TLS certificate lifespans from 398 days to 47 days by 2029 is shaking up the cybersecurity world. New research shows 96 percent of organizations are concerned about the impact of shorter SSL/TLS certificate lifespans on their business.

The study from Sectigo, developed in collaboration with global research firm Omdia, surveyed over 270 IT decision makers and finds fewer than one in five organizations feel very prepared to support the coming shift to 47-day certificate renewal cycles.

Continue reading →

Certificates are an important part of security for organizations but they're not without risks. These include certificates with long lifespans (one in every 13 certificates have lifespans over two years), certificates without key usage (one in every 25 certificates), certificates with negative serial numbers (one in every 27 certificates), and unsanctioned domain usage.

Keyfactor is launching a Command Risk Intelligence which will visibility into every certificate in use and helps teams proactively identify and mitigate certificate-related risks before they disrupt business operations.

Continue reading →

While digital certificates are an essential part of day-to-day security they also present challenges. They can expire or be revoked, or even forged.

We spoke to Bert Kashyap, CEO of passwordless security platform SecureW2, to learn more about certificate-related vulnerabilities and what IT and security teams can do to deal with them effectively.

Continue reading →

Google's proposal to cut TLS certificate lifespans to 90 days -- down from the current 398 -- was aired last year and has caused something of a stir in security circles.

According to a recent Venafi study, 83 percent of organizations have been hit by certificate-related outages in the past 12 months, and 57 percent of organizations have experienced security incidents involving compromised TLS certificates. Shortening certificate lifespans will therefore help businesses reduce the risk of compromise.

Continue reading →

As we reported three months ago, there are some significant changes coming to the PKI marketplace, not least being Google's move to reduce the lifespan of SSL/TLS certificates.

A new report from GlobalSign, based on 110 responses, finds 30 percent of respondents say the increased administrative work and complexity of the changes is their biggest concern.

Continue reading →

Among organizations that have suffered data breaches, 58 percent were caused by avoidable issues related to digital certificates.

New research conducted by Forrester for AppViewX also shows that as a result of service outages 57 percent say their organizations have incurred costs upwards of $100,000 per outage.

Continue reading →

A new survey finds that nearly 80 percent of TLS certificates on the internet are vulnerable to man-in-the-middle (MiM) attacks, while as many as 25 percent of all certificates are expired at any given time.

The study, sponsored by automated machine identity management firm AppViewX and carried out by EEnterprise Management Associates (EMA), focuses on servers with SSL/TLS certificates on port 443.

Continue reading →

Certificate authority GlobalSign is warning that later this year, and into 2024, there will be significant changes within the Public Key Infrastructure (PKI) marketplace that they need to be aware of.

These changes involve several critical areas: Google's move to reduce the lifespan of SSL/TLS certificates to 90 days, new CA/Browser Forum Baseline Requirements for email security, and mandatory Root changes issued by Mozilla.

Continue reading →

A new survey finds 83 percent of 1,000 organizations surveyed experienced a certificate-related outage over the last year, with over a quarter (26 percent) saying critical systems were impacted.

The report from identity management firm Venafi shows that digital transformation is driving an average of 42 percent annual growth in the number of machine identities.

Continue reading →

A new report shows that 81 percent of organizations have experienced at least two or more disruptive outages caused by expired certificates in the past two years, up from 77 percent last year.

The report from machine identity platform Keyfactor, based on research by the Ponemon Institute, finds the cut in SSL/TLS certificate lifespans to one year in September 2020 has made it much more difficult to keep the pace with certificate issuance and management.

Continue reading →

These days, I wince anytime a major digital service outage makes headlines. Outages happen, of course -- and sometimes they are unavoidable. Servers crash. Cybercriminals get lucky. People make mistakes.

That’s not why I wince, though. I wince because anytime an email exchange goes down, a music service crashes, or a mobile provider loses service, I know there are good odds that the culprit is none of those things. All too often, major service outages come down to two simple words: "expired certificate."

Continue reading →

The majority of data breaches are down to compromised credentials that allow privileged access to corporate systems, in particular infrastructure secrets such as API keys, certificates, database passwords and access keys.

Keeper Security is launching a new solution to help businesses in securing these secrets. Keeper Secrets Manager is cloud-based, fully-managed and uses innovative security architecture.

Continue reading →

A new report from Venafi, based on in-depth security analysis of the world's top million websites over the last 18 months, shows the internet is becoming more secure.

Use of encryption is increasing and the adoption of newer TLS protocols is rising. However, many companies continue to use legacy RSA encryption algorithms to generate keys, despite stronger protocols being available.

Continue reading →

Big retail businesses can have hundreds of TLS/SSL certificates identifying specific internet-connected devices, but many lack an organization-wide framework for managing them.

In the run up to the busiest shopping period of the year, new research from BitSight finds that 75 percent of the retail sector is at heightened risk of ransomware due to poor TLS/SSL configuration management.

Continue reading →

Thanks to organizational changes brought about by digital transformation, enterprise use of Public Key Infrastructure (PKI) and digital certificates has never been higher, but the related skills to manage PKI are in historically short supply.

A new report from trusted identity company Entrust, based on research from the Ponemon Institute, finds cloud-based services remain the highest driver of PKI use at 51 percent, the Internet of Things (IoT) remains the second highest growing trend cited by 46 percent of respondents, and consumer mobile comes in third at 39 percent.

Continue reading →