Failed Security Audits Due to Unenforced Digital Identity Policies and Rogue Certificate Authorities

CLEVELAND - March 17, 2020 - PRLog -- Keyfactor (http://www.keyfactor.com/), the leader in securing digital identities, and the Ponemon Institute today released the 2020 UK edition of "The Impact of Unsecured Digital Identities (https://info.keyfactor.com/en-gb/the-impact-of-unsecured-digital-identities-2020-report-featuring-the-critical-trust-index-united-kingdom-edition)", a benchmark report exploring enterprises' ability to manage increasing numbers of cryptographic keys and digital certificates securing network connections.

Regulatory measures such as GDPR put focus on data privacy at design, tightening requirements and guiding IT security controls like Public Key Infrastructure (PKI). Continued adoption of IoT, cloud and mobile technologies are increasing the number of digital certificates and keys that ensure secure connections and identity authentication through PKI.

"This research demonstrates that despite heightened compliance focus, businesses struggle to manage foundational security like PKI and the tools and processes that maintain it. This is concerning, especially as the number of digital certificates and keys within enterprise continues to multiply," said Chris Hickman, chief security officer at Keyfactor.

Half of respondents indicate regulatory compliance as a strategic priority and two-thirds say their organisation is adding additional layers of encryption to comply with regulations and IT policies. However, undocumented or unenforced key management policies are problematic, with respondents averaging more than four failed audits or compliance experiences in the last 24 months.


Additional key findings reveal:

·      A rise in security incidents
·      Staffing shortages
·      Lack of visibility
·      Cryptography related security incidents undermine trust
·      Cryptography lacks a center of excellence
·     Spending trend


"Our 2019 report (https://info.keyfactor.com/the-impact-of-unsecured-digita...)in North America was a wake-up call in many ways – it was the first report of its kind to investigate the role that digital certificates and keys play in creating trust and supporting security," said Dr. Larry Ponemon, founder of the Ponemon Institute. "This year we expanded the report's boundaries to examine the state of PKI within the United Kingdom. While UK-based organisations score slightly higher than their North American peers on overall PKI program management, they're struggling in compliance-related categories, which may expose greater operational and security risk."

The study was conducted by Ponemon Institute on behalf of Keyfactor and included responses from more than 400 IT and IT security practitioners in the United Kingdom across 14 industries including: financial services, healthcare, manufacturing, retail and automotive.

To view the complete 2020 UK edition of "The Impact of Unsecured Digital Identities" report, visit: https://info.keyfactor.com/en-gb/the-impact-of-unsecured-digital-identities-2020-report-featuring-the-critical-trust-index-united-kingdom-edition.