IoT is the fastest growing force affecting PKI planning and evolution

The report, based on independent research by the Ponemon Institute and sponsored by Thales, reveals continued and increased reliance on PKI as a core enterprise asset and a root of trust. Over the past few years, cloud applications, and now the IoT, are the newest disrupters to future PKI planning as organisations not only tend to the digital certificate needs of today, but must also simultaneously prepare for the future a future with never-before-seen diversity and scale. 

While many of the traditional challenges to PKI adoption remain, such as a lack of clear ownership (70 percent), organisations are increasingly hiring PKI specialists and investing in additional security controls such as multi-factor authentication (62 percent). The findings, which reflect the responses of 1,600 IT security practitioners, demonstrate the current state of PKI maturity while hinting at future trends:

• In the next two years, almost half (42 percent) of IoT devices will use digital certificates for authentication
• As the IoT continues to grow, 27 per cent believe PKI deployments for device credentialing will live in the cloud, with 43 percent a combination of both enterprise and cloud
• Enterprises are beginning to encrypt data from IoT devices with 49 percent of respondents either extensively or partially encrypting their IoT device data
• IoT is the top trend driving deployment of PKI-enabled applications with a 23 percent increase from 2015
• Ranking important PKI capabilities necessary for IoT deployments, 45 percent of respondents cited scalability to millions of managed certificates as most important, followed by 39 percent who cited online revocation
• The use of hardware security modules (HSMs) to secure PKI digital certificates to form a root of trust and enable strong authentication has increased to 39 percent
• Forty-four percent of companies in the healthcare/pharmaceutical sector believe the IoT is one of the top two trends driving deployment of PKI applications
• The industrial/manufacturing sector led the charge in growth of PKI usage with an average of 43,000 certificates under management

John Grimm, senior director security strategy, Thales eSecurity says:

"In this era of digital transformation, where companies are deploying digital technologies to improve their operations, deliver value to customers and gain competitive advantage, IoT initiatives invariably are the backbone of those efforts. Huge amounts of data are generated by and collected from a rapidly growing number of IoT devices, with the cloud playing a pivotal role in IoT solutions of the future. But there's no point in collecting and analyzing that data, and making business decisions based upon it if you're not able to trust the devices or their data. For safe, secure IoT deployments organizations need to embrace time-tested security techniques, like PKI, to ensure the integrity and security of their IoT systems."