The Source from Keyfactor: January 2024 Edition

Amid crypto-innovation, certificate outages remain public enemy #1.

As some of the most promising breakthroughs in quantum, IoT, and other sectors unfold, organizations still struggle with basic certificate management and automation. In our 2023 State of Machine Identity Report, 77% of respondents reported at least two certificate outages in the past 24 months.?

Certificate outages indicate a lack of visibility, centralization, and strategy. The stakes of these crypto-agility prerequisites are growing higher with exploding certificate usage and shortening lifecycles.

Featured resource

In 2023, we saw big names like Microsoft, Cisco, and SpaceX fall victim to headline-grabbing certificate gaffs. This goes to show that it only takes one untracked certificate to bring operations to a halt. Other incidents, like Github’s stolen code-signing keys, illustrate how crypto-agility can help avert disaster and protect your users.?

Our roundup of 2023’s notable certificate incidents can help you understand the stakes and mistakes common to managing digital certificates.?

Check out the roundup: 2023’s Biggest Certificate Outages

Actionable tip

Gain visibility, build org-wide policies and processes.?

There’s no doubt about it: managing certificates is complicated. But it’s much more complicated in the dark. If each team using certificates is left to find their own solutions, they’ll create sprawl and redundancy and neglect the documentation of their certificates.?

By gaining visibility and automating the discovery of all certificates in your environment, you can cut down sprawl and create informed policies that eliminate the likelihood of an outage.

?Executive perspective

“Machine identity management is receiving unprecedented support from leadership, yet teams are struggling. Reducing PKI complexity and preventing certificate-related outages are top priorities, yet the average organization uses nine different PKI and certificate authority solutions. This shows that awareness of challenges doesn’t automatically translate into solving them.”

- Chris Hickman, Chief Security Officer, Keyfactor

Go Deeper

• 2024 has officially lifted off. What can you expect? Check out our predictions here.?
• You're a predictions addict, you say? Our experts elaborated more on VM blog.
• The IoT security landscape continues to shift. See what leaders had to say.?
• Code-signing keys remain prime targets for hackers. Revisit our CSO’s notes from last year.

Mark Your Calendars

Mark your calendar for Keyfactor events and webinars

Don't miss Keyfactor’s five-part webinar series, "IoT Insights Unveiled.” Elevate your cybersecurity strategy with exclusive insights into enhanced security for IoT and connected products in the enterprise. Secure your spot now!

What you'll learn:

Part 1 (Feb 5): Unveil groundbreaking insights shaping the future of IoT security in Keyfactor’s 2023 State of IoT Security Report.

Part 2 (Feb 6): Unlock the secrets of robust IoT security—seamlessly navigate compliance and vulnerabilities.

Part 3 (Feb 7): Learn how OEMs shape the future of secure, connected products.

Part 4 (Feb 8): Safeguard your organization in the IoT era. Discover strategies to protect operators and user organizations.

Part 5 (Feb 9): Gain insights into the interplay of IoT standards, innovation, and security.