Cybersecurity niche: Digital certificates in the spotlight as more devices connect to the internet
- Many businesses lack the resources and skills to manage their digital certificates, according to a new report
- Last year, US households had on average 25 connected devices each, compared to 11 in 2019, according to a Deloitte survey
The niche market for digital certificates – the electronic records used to authenticate online connections for security purposes – is expanding rapidly as businesses scramble to find solutions to manage the expanding network of connected devices, according to industry experts.
Internet-connected devices, apps and websites use digital certificates to validate their identities and allow the secure transfer of information over the internet, creating a US$4 billion global market in public-key infrastructure (PKI), the encryption framework behind digital certificates.
The size of the sector is expected to more than double to US$10 billion by 2026, according to an earlier report by Markets and Markets, a research firm.
Businesses are increasingly in need of support when it comes to managing PKI and digital certificates because the number of internet-connected devices, or the Internet of Things (IoT), is snowballing, according to Joseph Ling, chief solutions architect at cybersecurity firm Entrust.
In a research study conducted by Ponemon Institute, a cybersecurity research firm based in the US state of Michigan, found that 65 per cent of respondents in Hong Kong do not have people dedicated to managing PKI, while 54 per cent said they have insufficient resources for managing PKI.
“The difficulty isn’t exactly the technology itself, which hasn’t changed a lot, but the time they spend on it is increasing because there are lot more general-public facing devices,” said Ling, whose firm sponsored the study.
In 2020, the average number of digital certificates organisations issued or acquired surged 43 per cent from 39,197 in 2019 to 56,192, according to the same report published last year. While that growth slowed significantly this year to just 4.3 per cent, according to this year’s report, machine identities now outnumber human identities thanks to the growth of IoT devices, cloud services and new applications.
Companies that do not devote enough time and resources to manage their PKI have run into problems such as expired certificates, according to Ian Christofis, principal managing consultant at Entrust.
For example, in 2018 mobile phone users around the world experienced a network outage that was triggered by a shutdown of equipment supplied by Swedish telecoms giant Ericsson. An expired certificate was the main cause of the shutdown, Ericsson said in a statement at the time.