Organizational outages related to machine identities set to see ‘sharp increase’, says Venafi survey

Venafi announced the results of a global survey of 1,000 CIOs, which shows that digital transformation drives an average annual growth of 42% in the number of machine identities. Since CIOs often have limited visibility into the number of machine identities on their networks, and these critical security assets are not prioritized in IAM and security budgets, CIOs should expect a large increase breakdowns and security vulnerabilities linked to the identity of the machines.

Machine identities enable secure login and authentication for every part of the IT infrastructure, from physical and virtual servers to IoT devices to software applications, APIs and containers. Whenever two machines need to authenticate each other, a machine identity is required. One hundred percent of CIOs say digital transformation is driving a dramatic increase in the number of machine identities their organizations need. Without an automated machine identity management program, organizations suffer from outages caused by expired machine identities and breaches caused by misuse or compromise of machine identities.

According to the Venafi-sponsored CIO study, the average organization was using nearly a quarter of a million (250,000) machine identities by the end of 2021. That’s a surprising number considering that experts in machine identity management at Venafi typically find that organizations initially underestimate machine identity populations by 50% or more because they have extremely limited visibility into the machine identities their organization needs.

At current growth rates, these same organizations can expect their machine identity inventory to more than double to at least 500,000 by 2024. Additionally, three-quarters of CIOs surveyed said they expect digital transformation initiatives to increase the number of machine identities in their organizations by 26% – with more than a quarter (27%) citing a percentage above 50%.

Key findings from the survey include:

  • 83% of organizations experienced a machine identity-related outage in the last 12 months; more than a quarter (26%) say critical systems have been affected.
  • 57% of organizations experienced at least one data breach or security incident related to compromised machine identities (including TLS, SSH keys, and code signing keys and certificates) during the same time period.

About Research

Conducted by Coleman Parkes Research, Venafi’s survey assessed the opinions of 1,000 CIOs in six countries/regions: US, UK, France, DACH (Germany, Austria, Switzerland), Benelux (Belgium, Netherlands , Luxembourg) and Australasia (Australia, New Zealand).

Aubrey L. Morgan