Spotlight: Automation Beckons as DevOps, IoT Drive PKI Explosion

In this Spotlight edition of the podcast, we’re joined by Brian Trzupek the Senior Vice President of Product at DigiCert. Brian and I take a look at the findings of a recent State of PKI Automation survey and the challenges organizations face as they look to manage a fast-growing population of tens of thousands of PKI certificates.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google PodcastsStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to to get notified whenever a new podcast is posted. 

Twenty years ago, Public Key Infrastructure, or PKI, had a pretty limited remit. Its first applications were securing email and physical access systems in security conscious environments like the military, intelligence community and government. With the explosion of the Internet, PKI became a foundational technology for securing web traffic and authenticating users to applications via technologies like SSL and TLS.

Brian Trzupek of DigiCert
Brian Trzupek is SVP of Products at DigiCert

Since then, both the scale and applications of PKI have transformed. Today, PKI and digital certificates are used to sign and secure electronic documents and – increasingly – to secure communications and interactions between billions of connected devices on the Internet of Things.  Moreover, as digital transformation and DEVOPS has taken hold within the enterprise, the demand for PKI to secure critical development and production infrastructure has exploded. 

Survey: 50,000 Certs on Average

In fact, a recent survey of PKI use in 400 enterprises worldwide found that the typical enterprise is managing more than 50,000 digital certificates, with most dedicated to securing users, servers, web applications, email and mobile devices. That’s a 43% jump year over year, according to the survey.

Not surprisingly, IT managers are feeling overwhelmed by the sudden growth in the population of certificates. 61% of those surveyed said they were concerned about the time required to manage certificates in their environment, while 47% reported having encountered “rogue” (or unmanaged) certificates. 

Automation to the Rescue

What explains the explosive growth of digital certificates? And what can organizations do to get on top of the job of managing their fast-growing PKI certificate population? To answer those questions, we invited Brian Trzupek, the Senior Vice President of Products at Digicert back into the Security Ledger studios. (You can check out our conversation on supply chain security in episode 216!)

In this conversation, Brian and I talk about the findings of Digicert’s recent State of PKI Automation Survey and the various ways that digital certificate use is proliferating within enterprises. We also talk about the dangers that lax certificate management courts, especially as the lifespan of digital certificates shortens and the scale of digital certificate deployments grows. Brian notes that organizations are increasingly looking to automate certificate management to reduce the strain on IT staff and to prevent disruptions linked to certificate expirations.