Certificate mismanagement is draining enterprise resources and eroding digital trust

DigiCert has released new findings from its Trust Pulse Survey highlighting the business impact of mismanaged digital certificates. Nearly half of all enterprises surveyed experienced downtime due to certificate-related incidents in the past year—resulting in significant financial losses, service disruptions, and reputational harm.

  • Tuesday, 8th July 2025 Posted 3 weeks ago in by Phil Alsop

As organizations scale their digital operations, the volume and complexity of certificates have outpaced manual management methods, leaving enterprises vulnerable to outages, compliance failures, and escalating security risks. Regulatory frameworks such as HIPAA, EU DORA, PCI DSS, and forthcoming CA/B Forum changes are placing increased emphasis on certificate management. By 2029, major browsers will enforce 47-day certificate lifespans, while the push toward quantum-safe algorithms will break legacy PKI configurations and overwhelm manual processes—making modernization not optional, but essential. 

  

“PKI certificates are the invisible backbone of the world’s digital civilization—and when they are mismanaged, the organizations feel it,” said Ashley Stevenson, Vice President of Product and Solutions Marketing at DigiCert. “The survey findings make one thing clear: manual approaches can’t keep up with the scale, speed, and scrutiny organizations are under today. Enterprises need automation and visibility to reduce risk, maintain compliance, and preserve customer trust. Certificate management is no longer a tactical task—it’s a strategic necessity worthy of the same maturity and governance as other foundational disciplines like identity management.” 

 

The Hidden Cost of Expired Certificates: Downtime and Dollars Lost 

Despite the central role digital certificates play in securing infrastructure, communication, and identity, many organizations still manage them manually or with fragmented tools. The result is that nearly half of respondents (45%) reported experiencing service downtime due to certificate-related incidents in the last year. A further 37.5% attributed outages specifically to expired certificates— one of the most preventable causes of disruption in enterprise environments. 

  

And the financial toll is not insignificant: 31% of organizations reported losses between $50,000 and $250,000, while 18.5% lost more than $250,000 due to certificate-related issues. The operational impact is equally troubling: more than half of respondents endured 5 to 24 hours of downtime, and 15.4% experienced 25 hours or more. 

  

Growing Complexity, Shrinking Visibility 

Certificate volumes are rising across industries, with 80% of respondents expecting growth in the next 12 months. Yet organizations remain underprepared. While nearly 60% of respondents manage between 1,000 and 10,000 certificates, more than half (56.6%) expressed concern about their ability to track certificate expiration dates. Without automation, human error and system misconfiguration become inevitable. 

  

From IT Headache to Executive Mandate 

What was once considered a backend IT task is now an executive concern. CISOs and other senior security leaders ranked customer trust (62.2%), regulatory compliance (61.7%), and certificate expiration (56.6%) as their top worries related to certificate management—underscoring the growing importance of certificate management in maintaining operational resilience. 

 

Looking Ahead: Automation and Agility as Top Priorities 

The survey highlights a clear direction forward: 51% of respondents named automated certificate lifecycle management a top strategic priority for 2025, followed closely by IoT standardization (49.5%). The organizations that succeed will be those that treat digital trust as an enterprise-wide imperative—not a background task. 

SolarWinds report suggests IT leaders underestimate the impact of broken processes and limited staff.
CISPE appeals Broadcom's VMware acquisition approval, citing competition risks and exclusion of smaller providers.
Red Hat introduces updates to streamline partner interactions, focusing on specialisation and demand generation for enhanced synergy.
Cynomi's 2025 State of the vCISO Report reveals AI's profound impact on service delivery and the burgeoning opportunities in the cybersecurity sector.
By Artur Martins, CISO | Cybersecurity Strategy Executive Advisor, Logicalis.

Adarma collapses into administration, losing 173 jobs

Posted 6 days ago by Aaron Sandhu
Cybersecurity firm Adarma has collapsed into administration, resulting in 173 job losses after financial struggles and investor withdrawal brought...
Acronis partners with Metrofile Cloud to enhance disaster recovery, offering advanced solutions tailored for Southern Africa's business landscape.
Network disruptions cost UK businesses millions, prompting renewed focus on connectivity and related IT investments.