Security News > 2023 > September > Avoidable digital certificate issues fuel data breaches
Among organizations that have suffered data breaches 58% were caused by issues related to digital certificates, according to a report by AppViewX and Forrester Consulting.
According to the Forrester study, "Enterprise organizations have traditionally been less focused on managing machine identities compared to human ones, partly because they have different requirements and more complicated lifecycle and security challenges. These digital certificates offer authentication and protect sensitive information. Yet, few are confident in successfully layering and managing identity security across machines and navigating responsibility assignment for privacy and security."
58% of organizations that suffered a data breach attributed the cause to avoidable certificate-management related issues.
52% of organizations that suffered a service or application outage attributed the cause to certificated-related issues.
53% of decision-makers highlighted the need to balance management of human and machine identities and vulnerabilities in an increasingly complex IT, edge and hybrid-cloud environments as a top driver of their organizations' approach to MIM. According to respondents, the top two drivers for implementing MIM were the desire to reduce the risk of data breaches and gain visibility over certificates and keys across emerging technologies.
"We believe these findings demonstrate the risks and costs associated with lack of visibility and control over machine identity management, which can result in reputationally and financially damaging data breaches and service outages," said Murali Palanisamy, Chief Solutions Officer at AppViewX. "With machine-based identities multiplying exponentially, organizations need to implement an integrated approach to machine and human identity management as a foundation for identity-first security and path to zero trust."
News URL
https://www.helpnetsecurity.com/2023/09/06/digital-certificates-issues/