‘IoT is the fastest growing force affecting PKI planning and evolution’ – Thales

The Internet of Things is the fastest growing trend driving the deployment of applications that use PKI (public key infrastructure), according to the latest report from Thales and the Ponemon Institute.

The IoT has emerged, along with the cloud, as the greatest disruptor to the future of PKI planning, as organisations increasingly relying on it as a core enterprise asset.

What is a PKI? A PKI is a set of roles, policies and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.

>Read more on How IoT is changing the game in the public sector

While many of the traditional challenges to PKI adoption remain, such as a lack of clear ownership, organisations are increasingly hiring PKI specialists and investing in additional security controls such as multi-factor authentication.

“In previous years, we highlighted PKI as an established technology positioned to tackle the authentication needs and challenges to support the rise of cloud applications,” said Dr Larry Ponemon, chairman and founder of The Ponemon Institute.

“Now, the c-suite is challenging its teams to leverage IoT to improve and drive business. With this comes the increased risk of more endpoints to protect, and the need to understand the role of PKI as a critical enabler. At the same time, this underscores the need for further advancement in skilling and resourcing related to PKI and the overall ownership within the organisation.”

The future of PKI

In the next two years, almost half of IoT devices will use digital certificates for authentication. As the IoT continues to grow, 27% of respondents said that PKI deployments for device credentialing will live in the cloud, with 43% a combination of both enterprise and cloud.

>Read more on The 4 modern challenges for the Internet of Things

Enterprises are beginning to encrypt data from IoT devices. As the technology emerges as top trend in driving deployment of PKI-enabled applications — in the healthcare and pharmaceutical sectors particularly — this should become more of a priority. The industrial/manufacturing sector led the charge in growth of PKI usage with an average of 43,000 certificates under management.

“In this era of digital transformation, where companies are deploying digital technologies to improve their operations, deliver value to customers and gain competitive advantage, IoT initiatives invariably are the backbone of those efforts,” said John Grimm, senior director security strategy, Thales eSecurity.

“Huge amounts of data are generated by and collected from a rapidly growing number of IoT devices, with the cloud playing a pivotal role in IoT solutions of the future. But there’s no point in collecting and analysing that data, and making business decisions based upon it if you’re not able to trust the devices or their data. For safe, secure IoT deployments organisations need to embrace time-tested security techniques, like PKI, to ensure the integrity and security of their IoT systems.”

Avatar photo

Nick Ismail

Nick Ismail is the editor for Information Age. He has a particular interest in smart technologies, AI and cyber security.