Growing certificate inventories, AI adoption, and preparation for quantum computing are increasing pressure on existing PKI environments. Digital certificate management is evolving from a back-office infrastructure task into a strategic business capability.
Public Key Infrastructure has been a foundational element of cybersecurity for decades. For many years it operated largely behind the scenes. That reality is changing. Organizations now manage significantly more digital identities, machine certificates, and cryptographic relationships than ever before. At the same time, expectations around availability, compliance, resilience, and governance continue to increase.
The DigiCert Global PKI Research Report 2026 suggests that many enterprises have reached a critical turning point. Most IT and security leaders understand the importance of modern PKI capabilities. However, a substantial gap remains between awareness and execution.
Visibility represents one of the most pressing challenges. Only about one-third of surveyed organizations report having a complete and current inventory of all digital certificates. Without that visibility, organizations struggle to accurately assess risk and prevent disruptions.
Concerns about outages are therefore well founded. Expired certificates remain a frequent source of service interruptions affecting critical business systems. At the same time, certificate volumes continue to grow as cloud services, IoT deployments, Zero Trust architectures, and machine identities expand.
Complexity is also increasing. Many enterprises rely on multiple certificate management approaches simultaneously, including internal certificate authorities, lifecycle management platforms, scripts, spreadsheets, and manual processes. This fragmentation complicates governance, visibility, and operational consistency.
Regulatory and industry developments add further urgency. Public TLS certificate validity periods are expected to continue shrinking. While shorter lifecycles do not necessarily increase the number of certificates, they require organizations to perform certificate management activities more frequently. Without automation, operational workloads can increase significantly.
Artificial intelligence introduces another dimension. Organizations need reliable mechanisms to verify content provenance, authenticate autonomous agents, and protect model integrity. As a result, PKI is becoming a core trust layer for AI-related initiatives.
Post-quantum readiness is also emerging as a strategic concern. Although many organizations recognize the potential impact of quantum computing on existing cryptographic systems, relatively few have completed comprehensive assessments. Visibility into certificates, keys, algorithms, and dependencies remains a prerequisite for future migration efforts.
The report also highlights encouraging progress. Organizations that have modernized PKI frequently report fewer outages, improved visibility, and greater operational efficiency. Successful modernization efforts typically begin with discovery and inventory initiatives, followed by governance, standardization, and automation.
The broader conclusion is clear: PKI is no longer simply a technical infrastructure component. It is becoming a strategic capability that supports digital resilience, trustworthy AI adoption, and long-term cryptographic agility.
Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM.
Contact via Mail: jakob.jung@security-storage-und-channel-germany.de