Failed Security Audits Due to Unenforced Digital Identity Policies and Rogue Certificate Authorities
Unplanned Downtime and Systems Outages Increase Costs, Affecting 58% of Respondents
Regulatory measures such as GDPR put focus on data privacy at design, tightening requirements and guiding IT security controls like Public Key Infrastructure (PKI). Continued adoption of IoT, cloud and mobile technologies is increasing the number of digital certificates and keys that ensure secure connections and identity authentication through PKI.
"This research demonstrates that despite heightened compliance focus, businesses struggle to manage foundational security like PKI and the tools and processes that maintain it. This is concerning, especially as the number of digital certificates and keys within enterprise continues to multiply," said Chris Hickman, chief security officer at Keyfactor.
Half of respondents cite regulatory compliance as a strategic priority, and two-thirds say their organisation is adding further layers of encryption to comply with regulations and IT policies. However, undocumented or unenforced key management policies are problematic, with respondents averaging more than four failed audits or compliance experiences in the last 24 months.
Additional key findings reveal:
· A rise in security incidents
· Staffing shortages
· Lack of visibility
· Cryptography-related security incidents undermine trust
· Cryptography lacks a center of excellence
· Spending trend
"Our 2019 report (https://info.keyfactor.com/
The study was conducted by Ponemon Institute on behalf of Keyfactor and included responses from more than 400 IT and IT security practitioners in the United Kingdom across 14 industries including: financial services, healthcare, manufacturing, retail and automotive.
To view the complete 2020 UK edition of "The Impact of Unsecured Digital Identities" report, visit: https://info.keyfactor.com/