PKI

With the National Institute of Standards and Technology (NIST) expected to finalize post-quantum cryptography (PQC) standards in the second half of 2024, a new report from Keyfactor explores the challenges that create barriers to building a strong foundation of digital trust.

It finds that only 23 percent of organizations have started work on PQC, with 36 percent expecting to start after the first release of standards later this year. Another 25 percent of organizations will begin implementing PQC when standards are finalized.

As we reported three months ago, there are some significant changes coming to the PKI marketplace, not least being Google's move to reduce the lifespan of SSL/TLS certificates.

A new report from GlobalSign, based on 110 responses, finds 30 percent of respondents say the increased administrative work and complexity of the changes is their biggest concern.

A growing number of machine identities leaves organizations with the task of managing increasingly complex PKI infrastructure.

We spoke to Chris Hickman, CSO of Keyfactor, about how organizations can go about reducing PKI complexity as well as other trends to keep in mind as they adapt to an era of post-quantum cryptography.

Certificate authority GlobalSign is warning that later this year, and into 2024, there will be significant changes within the Public Key Infrastructure (PKI) marketplace that they need to be aware of.

These changes involve several critical areas: Google's move to reduce the lifespan of SSL/TLS certificates to 90 days, new CA/Browser Forum Baseline Requirements for email security, and mandatory Root changes issued by Mozilla.

A new report shows that 81 percent of organizations have experienced at least two or more disruptive outages caused by expired certificates in the past two years, up from 77 percent last year.

The report from machine identity platform Keyfactor, based on research by the Ponemon Institute, finds the cut in SSL/TLS certificate lifespans to one year in September 2020 has made it much more difficult to keep the pace with certificate issuance and management.

The origins of Public Key Infrastructure (PKI) date back to the 1970s and research at UK intelligence agency GCHQ, though it didn't emerge from the secret world and take off commercially until the 1990s.

PKI still underlies a great deal of modern cryptography, so we spoke to Ryan Sanders, senior product marketing manager at Keyfactor, to find out more about it and why it isn’t going away any time soon.

Thanks to organizational changes brought about by digital transformation, enterprise use of Public Key Infrastructure (PKI) and digital certificates has never been higher, but the related skills to manage PKI are in historically short supply.

A new report from trusted identity company Entrust, based on research from the Ponemon Institute, finds cloud-based services remain the highest driver of PKI use at 51 percent, the Internet of Things (IoT) remains the second highest growing trend cited by 46 percent of respondents, and consumer mobile comes in third at 39 percent.

Identity solutions provider GlobalSign today celebrates the significant milestone of 25 years as a Certificate Authority (CA).

The company has grown from just a few employees in 1996 to become one of the world's top CAs -- as well as the longest operating -- with over than 550 employees in more than a dozen countries.

Public key infrastructure (PKI) and digital certificates are essential to achieving zero trust architecture according to 96 percent of North American enterprises.

However, only 39 percent use PKI as part of their zero trust security strategy today according to a survey from Pulse Research and PKI as-a-Service (PKIaaS) company Keyfactor.