Intelligent CIO LATAM Issue 16 | Page 68

INTELLIGENT BRANDS // Enterprise Security

Companies bracing for over 500,000 machine identities within their organization by 2024

New research from Venafi details the proliferation of machine identities resulting in increased outages and breaches .

Venafi , the inventor and leading provider of machine identity management , has announced the findings of a global CIO survey outlining the average number of machine identities per organization at the end of 2021 , which reached nearly a quarter of a million ( 250,000 ) – an average 42 % increase versus the previous year .

As companies continue to experience rapid Digital Transformation , 94 % of respondents expect this growth to continue at the same rate or more , resulting in the average organization likely to have over 500,000 machines by 2024 .
Machine identities enable secure communication and authentication between machines – everything from servers and applications to cloud instances and algorithms – making them essential to securing Digital Transformation .
Yet the growth in machine identities is having an adverse effect – widespread sprawl and mismanagement . The accelerated shift to cloud and digital services is resulting in an increase of machine identity related outages and breaches .
Kevin Bocek , Vice President of Security Strategy and Threat Intelligence at Venafi
“ Like never before , we ’ re witnessing a huge explosion in the number of machines used by businesses ,” said Kevin Bocek , Vice President of Security Strategy and Threat Intelligence at Venafi .
“ As technology continues to drive streamlined business operations , providing machines with strong identity and authentication is essential . Yet this growth is causing an uncontrolled sprawl of identities .
“ The end result is the attack surface is widening and outages are on the rise . And it ’ s only going to get worse with the proliferation of machine identities and increased complexities – particularly with the growing adoption of more cloud-native environments , which make it harder for developers to gain visibility .”
The rise in machines has exposed outdated practices across IT and security teams . Close to two-thirds ( 64 %) of CIOs said that , rather than using a comprehensive machine identity management solution , they use various combinations of multiple solutions and processes . These include point solutions from their approved certificate authorities ( CAs ) and public cloud providers , as well as homegrown solutions and manual processes like spreadsheets .
“ The numbers speak for themselves – managing machine identities cannot be done in a manual and disjointed way . Organizations need a central view to manage these risks , or the business will suffer ,” Bocek continued .
“ The research is clear – the need for automation is essential to reduce risk and allow developers to concentrate on innovation . Implementing a machine identity management solution which automates the management of machine identities throughout their lifecycle and in any environment is the only way forward .” p
The survey of 1,000 global CIOs found that :
• 83 % of organizations have suffered a certificate-related outage during the last 12 months , with over a quarter ( 26 %) saying critical systems were impacted .
• 57 % have experienced security incidents or breaches related to compromised machine identities ( including TLS , SSH keys and code signing keys and certificates ).
68 INTELLIGENTCIO LATAM www . intelligentcio . com