In an environment where digital security underpins global operations, a new report from Entrust reveals persistent gaps in how organizations handle their cryptographic tools. As quantum computing advances loom closer, many businesses are struggling with oversight of encryption keys and certificates, heightening vulnerabilities to data breaches and operational disruptions.
According to the research findings, this stagnation comes at a critical juncture, with experts warning that outdated encryption methods could soon be rendered obsolete by emerging technologies.
The research study, which surveyed cybersecurity professionals worldwide, underscores that visibility into cryptographic assets has not improved significantly.
Only about 43% of organizations claim complete insight into their certificates, while a substantial 68% describe managing these elements as highly challenging.
This lack of transparency complicates efforts to update or replace weak encryption, leaving systems exposed to potential failures.
In the United States, the situation mirrors global trends, amplifying concerns as regulatory and technological pressures mount.
Quantum threats are particularly alarming, with readiness levels actually declining.
Just 40% of U.S. firms and 38% internationally are actively shifting to post-quantum cryptography (PQC), a drop from the prior year’s figures.
More than half of American respondents—54%—anticipate a quantum machine capable of cracking traditional RSA and ECC encryption within the next five years.
This timeline aligns with guidelines from bodies like NIST and the NSA, which plan to phase out such algorithms by 2030 and ban them entirely by 2035.
The implications are severe: 58% fear losing control over encrypted critical infrastructure, and 59% worry about the compromise of sensitive information like financial or medical data.
Compounding these issues is the rapid shortening of certificate validity periods.
Under mandates from the CA/Browser Forum, lifespans will shrink from 398 days to a mere 47 days by 2029.
This change demands greater automation to avoid widespread outages, yet many organizations lack the foundational visibility needed to implement such systems effectively.
Obstacles to progress are multifaceted.
Limited oversight tops the list for 41% of participants, followed by funding shortages (39%, an increase from 31% last year) and insufficient skills (38%, up from 28%).
These hurdles suggest that without targeted interventions, the gap between current practices and required defenses will widen.
To counter these risks, Entrust advocates for immediate steps to enhance cryptographic oversight.
By gaining better control over assets, companies can automate certificate renewals, facilitate transitions to resilient algorithms, and mitigate disruptions from brief lifecycles.
Investing in quantum-resistant infrastructure, such as advanced hardware security modules and public key systems, is essential for long-term data protection.
The report emphasizes urgency, noting that solutions exist today to fortify environments against impending quantum disruptions and evolving standards.
As quantum computing edges toward reality, this Entrust analysis hopefully serves as a wake-up call.
The Entrust update concluded that organizations must prioritize cryptographic hygiene to safeguard their digital ecosystems. Delaying action could lead to catastrophic exposures, but proactive measures offer a path to resilience in an increasingly quantum-aware ecosystem.
