PKI changes and uncertainty due to new applications

New research by the Ponemon Institute reveals the Internet of Things (IoT) is playing an increasingly important role in influencing public key infrastructure (PKI) planning and usage. PKIs, widely used for authentication, digital signing, and encryption, are considered a core service supporting many different use cases and applications.

The most important trends driving the deployment of applications using PKI

PKI changes

While a majority (54 percent) of respondents believe cloud-based services is the most important trend driving the deployment of applications using PKI, 40 percent also cited the IoT – a number that has doubled in the past three years.

Technological evolution, uncertainty, and opportunity

The findings, which reflect the responses of over 1,500 IT security practitioners worldwide, paint a picture of technological evolution and some uncertainty, but also opportunity:

  • In the next 2 years, almost half (43%) of IoT devices will use digital certificates for authentication
  • 43% of respondents believe PKI deployments supporting the IoT will be a combination of cloud-based and enterprise-based PKIs – a number that reflects the scale of the IoT and resulting scale of PKIs issuing certificates for it
  • Over one-third of respondents (36%) cite new applications like the IoT as the fastest growing area of PKI evolution (a number that has almost tripled since 2015)
  • On average, PKIs support more than 8 different applications within a business; SSL tops the list, followed by VPNs, public cloud apps, and device authentication
  • Almost two-thirds of organizations now report having a PKI and 36% of respondents use hardware security modules (HSMs) to protect their PKI.

Building trust

Dr. Larry Ponemon, chairman and founder of The Ponemon Institute, said: “Last year, we underscored that it is hugely important PKIs be future proofed – and we still stand by that recommendation. Not only are PKIs a core enterprise asset, but they are playing an increasingly important role supporting certificate issuance needs for cloud applications and the IoT. Smart organizations have determined that successful IoT deployment rests on trust being established from the beginning, and they’re leaning on their PKI as one component for building that trust.”

How will PKI be deployed for IoT device credentialing as the IoT continues to grow?

PKI changes

“While the sheer number and types of IoT devices pose security and interoperability challenges, authentication is a critical building block in transforming trust from an IoT barrier to an IoT enabler. One way a root of trust can be accomplished is through HSMs, which are high-assurance sources of credentials for both IoT and non-IoT applications. In the years to come, we expect to see even more HSM deployment and other indicators of higher PKI security maturity to help underpin the digital transformation of enterprises,” said John Grimm, senior director security strategy, Thales e-Security.