As the IT landscape evolves, organisations are facing new challenges related to the management of Transport Layer Security (TLS) certificates.
With the lifespan of these certificates set to decrease dramatically—from 398 days today to just 200 days by March 2026 and down to 47 days by 2029—CyberArk has introduced two new tools aimed at helping businesses navigate this impending change.
The TLS Certificate Renewal Impact Calculator and TLS Certificate Discovery Scan are geared towards IT and security leaders, providing insights into the operational and financial implications of more frequent certificate renewals. The urgency for such tools is underscored by the rising pressure on IT teams, which may struggle to cope with the increased volume of renewals, leading to potential costly outages.
In emphasising that the shift to shorter certificate lifespans represents not just a compliance issue, but a tangible business risk, CyberArk's general manager of machine identity security, Kurt Sand noted that organisations could face significant surges in renewal workloads that manual processes may fail to manage. This strain can lead to increased operational costs and a heightened risk of system outages.
The cost of manual certificate management
Currently, managing 500 TLS certificates manually can consume approximately 2,000 labour hours annually. However, projections indicate that this could escalate to over 24,000 hours by 2029 due to the planned increase in renewal frequency. This drastic rise in workload essentially necessitates expanding a small IT team to a much larger capacity, driving costs up significantly.
Moreover, CyberArk's research highlights a troubling trend: 72% of security leaders reported experiencing at least one certificate-related outage in the past year, with 67% encountering such disruptions monthly and 45% weekly. As the frequency of renewals increases, so too will the potential for outages that can severely impact both finances and reputation.
Understanding and proactive preparation
CyberArk’s new tools are designed to aid organisations in several ways:
- Proactive Management: Through guidance and the tools’ functionality, organisations can shift towards automated certificate lifecycle management, thereby mitigating outage risks and enhancing operational resilience.
- Exposure Visualization: Users can analyse how reduced lifespan will affect renewal volumes and labour requirements, allowing for better strategic planning.
- Informed Decision-Making: The tools enable companies to quantify operational costs and the return on investment (ROI) of transitioning to automated processes, helping to make a compelling case for investment.
