Avoiding Automation Increases IT Risk
December 18, 2023
IT professionals understand the importance of automation in streamlining processes and improving efficiency within organizations, including the automation of digital certificates, which are crucial components of cybersecurity infrastructure. However, according to an article by Help Net Security, a survey revealed that IT teams face obstacles when it comes to adopting certificate automation.
38% of respondents cited compatibility and technical limitations as the main factors preventing automation. They expressed concerns about the lack of out-of-the-box solutions addressing issues like automated renewal support in certain systems (e.g., Windows, IIS, Plesk) and system incompatibility with standard automation solutions.
25% of participants highlighted cost and resource considerations as potential obstacles. They raised questions about the cost-effectiveness of creating custom solutions versus manual maintenance and worried about the resources needed for maintaining an automated solution.
An additional 20% admitted a lack of knowledge or expertise in choosing an automated solution. Some IT professionals may not fully understand the value of certificate automation or may lack familiarity with the requirements for automating their systems.
The survey indicated that IT professionals may not have fully grasped the impact on certificate lifecycle management as Google proposed reducing SSL/TLS validity to 90 days. Manual processes for managing certificates were identified as time-consuming, error-prone, and potentially leading to security breaches and operational disruptions.
The cost of not automating certificate lifecycle management can be substantial, as manual processes contribute to security breaches and compliance issues. A study found that over half of data breaches were caused by certificate issues, incurring costs exceeding $100,000 per certificate-related outage for 57% of participants.
To address these challenges, organizations are advised to undertake actions such as identifying and analyzing their certificates, researching the need for certificates, planning changes to certificate management, and ultimately implementing automation. In a world where data security and compliance are crucial, the importance of automating certificate lifecycle management extends beyond financial implications, encompassing potential reputational damage and legal consequences. Choosing the right automation partner is emphasized, with an understanding that automation should be tailored and guided by human expertise.
Critical intelligence for general counsel
Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.
Daily Updates
Sign up for our free daily newsletter for the latest news and business legal developments.