74% of IT Pros Say Digital Certificates Cause Unexpected Downtime and
Outages – Trust and Reputation Are at Risk, According to New Research
from Keyfactor and Ponemon Institute
CLEVELAND–(BUSINESS WIRE)–As information security budgets grow and funds are allocated to protect
the defensive perimeter, many companies have overlooked the critical
importance of digital certificate management. And a new study shows it
could cost them up to $67.2 million over the next two years. The study,
report released today by Keyfactor,
a leading provider of secure digital identity management solutions, and
Ponemon Institute also finds that 71% of IT pros believe that their
organization does not know exactly how many keys and certificates it has.
“Digital identity is a critical component of any organization – its
currency, really,” said Chris Hickman, Chief Security Officer at
Keyfactor. “The Keyfactor-Ponemon
study shows that organizations are spending an average of $18.2 million
on IT security annually and only 14% of that is allocated to PKI. Yet
the average company is managing upwards of 83,000 digital certificates
to encrypt data and authenticate servers and secure data on IoT devices.
The burden of PKI should be offset by technology that reduces risk and
operational costs, improves efficiencies and automates certificate
Measuring the Cost of Unsecured Digital Identities
The report, titled “The Impact of Unsecured Digital Identities,”
provides data-driven insights into the dangers and consequences of weak
digital identity management. Key report findings include:
When It Comes to Digital Identity Management, Companies are in the
Dark: 71% of IT pros believe that their organization does not know
how many keys and certificates it has.
Mismanagement of Digital Certificates Causes Downtime & Outages:
74% of respondents say digital certificates have caused and still
cause unanticipated downtime or outages – at an average cost per
organization of more than $11M.
The Consequences are Costly: The total cost of downtime and
outages averages $67.2 million per company over a period of two years.
This is due to system administration and support time, lost
productivity, immediate revenue loss and diminished brand reputation.
Reputation is at Stake: 73% of IT pros believe that failing to
secure keys and certificates undermines the trust their organization
relies upon to operate.
“The findings of our research with Keyfactor underscores the importance
of digital identity management – it isn’t receiving the attention or
resources that it requires,” said Dr. Larry Ponemon, founder of the
Ponemon Institute. “Companies need to take steps today to put processes
and technologies in place to proactively manage certificates and keys in
“We know that many organizations struggle with properly and efficiently
managing certificates and there’s a clear gap in understanding how
critical it is, especially at the executive level,” continued Chris
Hickman. “Unfortunately digital identity management is often siloed and
assumed to be a pure IT function. This report should empower PKI and
infosec teams to ask for the resources they need to fully manage and
secure every digital identity.”
The study was conducted by Ponemon Institute on behalf of Keyfactor, and
included responses from 596 IT and IT security practitioners in the
United States across critical industries including financial services,
healthcare and medical devices, retail and automotive.
formerly Certified Security Solutions (CSS), is a leading provider of
secure digital identity management solutions that enable organizations
to confirm authenticity and ensure the right things are interacting in
the right ways in our connected world.
From an enterprise managing millions of devices and applications that
affect people’s lives every day to a manufacturer aiming to ensure its
product will function safely throughout its lifecycle, Keyfactor
empowers global enterprises with the freedom to master every digital
identity. Its clients are the most innovative brands in industries where
trust and reliability matter most.
About Ponemon Institute
Ponemon Institute is dedicated to independent research and education
that advances responsible information and privacy management practices
within business and government. Our mission is to conduct high quality,
empirical studies on critical issues affecting the management and
security of sensitive information about people and organizations.
We uphold strict data confidentiality, privacy and ethical research
standards. We do not collect any personally identifiable information
from individuals (or company identifiable information in our business
research). Furthermore, we have strict quality standards to ensure that
subjects are not asked extraneous, irrelevant or improper questions.
Keyfactor Media Contact
Affect Media Contact