Increased Adoption of PKI Essential to Achieve Zero Trust Strategy: IT Security Survey
Zero trust is a network security model based on the principle of maintaining strict access controls and not trusting anyone by default.
CLEVELAND — Nearly all North American enterprise IT security leaders (96%) say public key infrastructure (PKI) and digital certificates are essential to achieving zero trust architecture, according to a survey from Pulse Research and Keyfactor, a provider of PKI as-a-Service (PKIaaS) and crypto-agility solutions.
Still, only 39% use PKI as part of their zero trust security strategy today, according to the survey, which is said to explore enterprise security priorities, the challenges of zero trust strategy implementation and the use of PKI and digital certificates within a zero trust architecture.
“Adopting a zero trust strategy is an important step to ensuring a robust security posture, especially as digital transformation continues and organizations move their security to the cloud,” says Chris Hickman, CSO, Keyfactor. “Yet the survey results reveal a concerning gap between perception and reality. While most leaders recognize that PKI is essential to a successful zero trust security strategy, most are not actively incorporating it into their identity and access management [IAM] program.”
PKI is comprised of digital certificates and cryptographic keys that provide trusted and secure connections to protect user and machine identities. A zero trust model relies on trusted connections, controls and machine identity authentication to mitigate security risks and ensure machine-to-machine communications are secure.
Additional key findings:
- Adoption drivers: 68% are prioritizing zero trust strategy implementation for security risk mitigation with 50% citing time-to-breach detection reduction
- Investment priorities: 72% of IT leaders cite cloud-first migration followed by remote workforce (65%) and digital customer experience improvements (46%)
- Budget allocation: 92% of respondents have allocated up to 20% of their 2021 technology budget to PKI and/or cryptography investments
- Implementation challenges: 73% see technology gaps as their organization’s greatest barrier to implementation, followed by cost concerns (69%) and a talent or skills shortage (45%)
- PKI requirements: 71% of IT leaders are prioritizing key and certificate visibility, followed by enabling automation (56%) and cloud-first PKI deployment (49%)
“The proliferation of digital certificates and keys within the enterprise will continue to rise, especially as a reliance on distributed IT and the remote workforce continues,” says Hickman. “Scalability is a key consideration when building out a zero trust architecture. However, PKI alone does not equate to zero trust. To be successful and fully achieve zero trust organizations also need the automation, process and security controls necessary to support it.”
The survey was conducted by Pulse Research on behalf of Keyfactor and included responses from 100 North American executive and vice president-level IAM leaders in enterprises with between 5,000 and 10,000+ global employees.
To view the complete findings and to download the report, go here.
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!