- 28 March 2019 08:48
Venafi Study: Nearly Two-Thirds of Organisations Experienced Certificate-Related Outages Last Year
SALT LAKE CITY — March 26, 2019 - Venafi®, the leading provider of machine identity protection, today announced the results of a study of the scale and frequency of certificate-related outages on critical business infrastructure. Over 550 chief information officers (CIOs) from the U.S., U.K., France, Germany and Australia participated in the study.
Certificate-related outages harm the reliability and availability of vital network systems and services while also being extremely difficult to diagnose and remediate. Unfortunately, the vast majority of businesses routinely suffer from these events. In fact, according to the study, almost two-thirds of organisations (60 percent) experienced certificate-related outages that impacted critical business applications or services within the last year. In addition, 74 percent faced similar events within the last 24 months.
Certificate-related outages are likely to become more complicated, common and costly in the future. The study also found that:
- Eighty-five percent believe the increasing complexity and interdependence of IT systems will make outages even more painful in the future.
- Nearly 80 percent estimate certificate use in their organisations will grow by 25 percent or more in the next five years, with over half anticipating minimum growth rates of more than 50 percent.
- While 50 percent of CIOs are concerned that certificate outages will have an impact on customer experience, 45 percent are more concerned about the time and resources they consume.
“Recently, a machine identity-related outage impacted 32 million cellular customers (https://www.venafi.com/blog/cellular-outage-32-million-brits-caused-expired-certificate) in the U.K., and estimates suggest this could have cost the company over US $100 million (https://www.bbc.co.uk/news/business-46499366),” said Kevin Bocek, vice president, security strategy and threat intelligence at Venafi. “Ultimately, companies must get control of all of their certificates; otherwise, it’s simply a matter of time until one expires and causes a debilitating outage. CIOs need greater visibility, intelligence and automation of the entire life cycle of all certificates to do this.”
While humans rely on usernames and passwords to identify themselves and gain authorised access to applications and services, machines use digital certificates to serve as machine identities in order to communicate securely with other machines and gain authorised access to applications and services. This year, organizations will spend over $10 billion to protect and manage passwords, but they will spend almost nothing to protect and manage machine identities. Most organisations do not have a clear understanding of how many machine identities are in use, which devices are using them, and when they will expire. This lack of comprehensive visibility and intelligence leads to outages.
Bocek added: “Since certificates control authentication and communication between machines, it is important not to let them expire unexpectedly. And because the symptoms of a machine identity-related outage mimic many other hardware and software failures, diagnosing them is notoriously time-consuming and difficult.”
White Paper: CIO Study: Certificate-Related Outages Continue to Plague Organizations: https://www.venafi.com/resource/CIO-Study-Certificate-Related-Outages-Continue-to-Plague-Organizations
Blog: Majority of Businesses Still Experience Outages: Are You Protecting Your Certificates?: https://www.venafi.com/blog/majority-businesses-still-experience-outages-are-you-protecting-your-certificates
Venafi is the cybersecurity market leader in machine identity protection, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise – on premises, mobile, virtual, cloud and IoT – at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.
With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S., U.K., Australian and South African banks; and four of the top five U.S. retailers. Venafi is backed by top-tier investors, including TCV, Foundation Capital, Intel Capital, QuestMark Partners, Mercato Partners and NextEquity.
For more information, visit: www.venafi.com