A groundbreaking study by Ponemon Institute, sponsored by CyberArk, reveals a troubling reality: most organizations are struggling to secure the very infrastructure that enables their digital trust. The January 2026 report surveyed 1,833 IT and security professionals across four continents, uncovering critical vulnerabilities in how companies manage Public Key Infrastructure (PKI) and digital certificates.
The Staggering Scale of the Problem
Organizations today manage an average of 114,591 internal certificates—the digital credentials that authenticate users, devices, and services across networks. Yet only 46 percent of companies express high confidence in their PKI’s ability to meet compliance requirements. This gap between volume and control creates a dangerous security exposure that most executives don’t fully understand.
What’s Breaking Down
The report identifies three primary obstacles undermining PKI security. Misconfigurations in PKI infrastructure top the list at 50 percent, followed closely by unplanned outages from expired certificates at 49 percent. Perhaps most concerning, 38 percent of organizations lack basic visibility into their certificate inventory—they literally don’t know what they have or where it is.
These aren’t theoretical concerns. Sixty percent of respondents reported experiencing weak cryptographic exploits, while 58 percent suffered third-party certificate authority compromises. Fifty-six percent dealt with unplanned outages due to certificate expiration or configuration errors—incidents that can bring business operations to a grinding halt.
The Resource Crisis
Organizations are fighting this battle severely understaffed. The typical company dedicates just four full-time employees to PKI management, and only 42 percent feel they have sufficient in-house expertise. This shortage has real consequences: 55 percent of teams report struggling to keep pace with the growing use of cryptographic keys and certificates.
The talent gap is driving 63 percent of organizations to outsource PKI management to managed security service providers, either currently or within the next few months. This trend reflects a broader recognition that internal teams simply cannot handle the complexity and scale of modern PKI demands.
Automation Emerges as the Answer
Forward-thinking organizations are turning to automation, with 51 percent now using automated certificate management systems. The benefits are clear: consistent execution across the enterprise, faster certificate renewal, and crucially, greater visibility and control over certificate inventories.
The research identifies “high performers”—organizations with strong confidence in their PKI compliance capabilities. These leaders are more likely to adopt AI for predicting certificate issues, maintain better visibility, and support their infrastructure with qualified personnel. They report significantly fewer operational burdens and stronger security outcomes than their peers.
The Road Ahead
Looking forward, unified visibility across environments ranks as the top strategic priority for 34 percent of organizations. The impending mandate reducing public TLS certificate validity to 47 days by March 2029 is already influencing modernization efforts for half of all companies.
The message from this research is unmistakable: PKI security sits at a critical inflection point. Organizations that invest now in automation, visibility tools, and skilled personnel will transform PKI from a vulnerability into a competitive advantage. Those who don’t risk joining the 60 percent who’ve already experienced security breaches linked to poor certificate management.
In an era where digital trust underpins every transaction, ignoring PKI security is no longer an option.
