WILMINGTON, DEL. -- CSC, an enterprise-class domain security provider and world leader in domain management, DNS, digital certificate management, brand protection, and anti-fraud solutions, released its inaugural report. “The SSL Landscape” finds that approximately 60% of businesses use three or more secure sockets layer (SSL) providers and suggests a lack of centralized processes for SSL management. This and other evidence further suggest organizations are ignoring or delaying the implementation of a strategic response to the upcoming shortening of SSL certificate life cycles and domain control validation (DCV) re-use periods, opening them up to multiple points of risk.

CSC’s “The SSL Landscape” provides an in-depth analysis on use trends and patterns for more than 802,000 digital certificates linked to 2.4 million domains, including how organizations oversee SSL certificates and the impact on integrity assurance for their domains. The research comes at a key time when SSL/transport layer security (TLS) certificate life cycles are set to shrink from 367 days to 200 starting in 2026 to just 47 by 2029, and DCV re-use periods will decline from 367 days to only 10 by 2028, as mandated by the CA/Browser Forum. Therefore, organizations must update their strategies for renewing certificates nearly eight times a year instead of roughly once a year.

“SSL certificates play a critical role in authenticating the legitimacy and safety of an online brand, including the validation of credentials and the encryption of the connection between a website’s server and a user’s browser,” says Mark Flegg, senior director of technology, CSC Security Products and Services. “As the industry approaches shortened SSL certificate renewal life cycles, organizations cannot afford to delay their transitions to certificate automation or to compromise the security of their organizations with fragmented SSL management. It’s concerning that 72% of respondents we surveyed were either completely unaware of or didn’t know the details of the upcoming industry changes—and as many are unsure of or not ready for automation. Missed renewals could further bring down entire domains and applications that are the backbone of business operations—such as payment gateways, email, VPN, and collaboration tools for chat, video calls, and document sharing.”

According to CSC's research, domain validated (DV) certificates account for three-quarters (73.5%) of certificates while organization validation (OV) certificates represent nearly one-quarter (24.6%) and extended validation (EV) certificates account for less than two percent (1.9%). With low-cost, easy-to-obtain DV certificates dominating the market among organizations, cybercriminals leverage this trend by obtaining similar low-cost certificates to impersonate brands—making fraudulent websites look authentic with a https-secured site—tricking customers into clicking malicious links that compromise data. This research raises concerns about whether IT and security departments have a clear strategy on which certificate is obtained for each type of web asset.

CSC’s findings additionally show that the top three certificate providers are not enterprise-class providers, yet these providers supply the majority of DV certificates (89%) used by the analyzed organizations. The combination of easy-to-obtain certificates and consumer-grade providers who don’t offer the enterprise-class support needed to help companies prepare for upcoming SSL industry changes creates a recipe for serious disruption to organization services and reputation.

“Organizations are about to face the most transformative period for domain security,” continues Flegg. “A lack of understanding around proper certificate strategy, and the absence of urgency to effectively prepare for new certificate life cycles, will leave many online brands and digital identities playing a never-ending game of catch up. Those who prioritize automation, consolidating their certificate solutions providers, and working with enterprise-class domain partners will ensure a smoother, safer transition that minimizes the risk of costly expiration outages and security incidents.”

For more information on key trends in SSL management, download “The SSL Landscape.”