2025-10-31, Fri.

Top Stories       Business       Culture & Life       Science & Technology       World

Lecture

Notification

 

NEWS > Science & Technology


CSC Finds 60% of Firms Use 3+ SSL Providers, Complicating Certificate Management and Raising Security Risks

Forthcoming changes to SSL/TLS certificate life cycles poised to disrupt certificate renewal strategy.
Date: 2025-10-31

WILMINGTON, DEL. -- CSC, an enterprise-class domain security provider and world leader in domain management, DNS, digital certificate management, brand protection, and anti-fraud solutions, released its inaugural report. “The SSL Landscape” finds that approximately 60% of businesses use three or more secure sockets layer (SSL) providers and suggests a lack of centralized processes for SSL management. This and other evidence further suggest organizations are ignoring or delaying the implementation of a strategic response to the upcoming shortening of SSL certificate life cycles and domain control validation (DCV) re-use periods, opening them up to multiple points of risk.

CSC’s “The SSL Landscape” provides an in-depth analysis on use trends and patterns for more than 802,000 digital certificates linked to 2.4 million domains, including how organizations oversee SSL certificates and the impact on integrity assurance for their domains. The research comes at a key time when SSL/transport layer security (TLS) certificate life cycles are set to shrink from 367 days to 200 starting in 2026 to just 47 by 2029, and DCV re-use periods will decline from 367 days to only 10 by 2028, as mandated by the CA/Browser Forum. Therefore, organizations must update their strategies for renewing certificates nearly eight times a year instead of roughly once a year.

“SSL certificates play a critical role in authenticating the legitimacy and safety of an online brand, including the validation of credentials and the encryption of the connection between a website’s server and a user’s browser,” says Mark Flegg, senior director of technology, CSC Security Products and Services. “As the industry approaches shortened SSL certificate renewal life cycles, organizations cannot afford to delay their transitions to certificate automation or to compromise the security of their organizations with fragmented SSL management. It’s concerning that 72% of respondents we surveyed were either completely unaware of or didn’t know the details of the upcoming industry changes—and as many are unsure of or not ready for automation. Missed renewals could further bring down entire domains and applications that are the backbone of business operations—such as payment gateways, email, VPN, and collaboration tools for chat, video calls, and document sharing.”

According to CSC's research, domain validated (DV) certificates account for three-quarters (73.5%) of certificates while organization validation (OV) certificates represent nearly one-quarter (24.6%) and extended validation (EV) certificates account for less than two percent (1.9%). With low-cost, easy-to-obtain DV certificates dominating the market among organizations, cybercriminals leverage this trend by obtaining similar low-cost certificates to impersonate brands—making fraudulent websites look authentic with a https-secured site—tricking customers into clicking malicious links that compromise data. This research raises concerns about whether IT and security departments have a clear strategy on which certificate is obtained for each type of web asset.

CSC’s findings additionally show that the top three certificate providers are not enterprise-class providers, yet these providers supply the majority of DV certificates (89%) used by the analyzed organizations. The combination of easy-to-obtain certificates and consumer-grade providers who don’t offer the enterprise-class support needed to help companies prepare for upcoming SSL industry changes creates a recipe for serious disruption to organization services and reputation.

“Organizations are about to face the most transformative period for domain security,” continues Flegg. “A lack of understanding around proper certificate strategy, and the absence of urgency to effectively prepare for new certificate life cycles, will leave many online brands and digital identities playing a never-ending game of catch up. Those who prioritize automation, consolidating their certificate solutions providers, and working with enterprise-class domain partners will ensure a smoother, safer transition that minimizes the risk of costly expiration outages and security incidents.”

For more information on key trends in SSL management, download “The SSL Landscape.” 

 to the Top List of News
Quectel Unveils Four GNSS Antennas With Advanced Modules And Global RTK Support To Expand Developer Options
LG Showcases Integrated Data Center Solutions at Data Center World Asia 2025
Sobi Selects Kinaxis to Accelerate Access to Life-Changing Treatments
CSC Finds 60% of Firms Use 3+ SSL Providers, Complicating Certificate Management and Raising Security Risks
LG Expands xboom Buds Lineup With Buds Plus and Buds Lite for Every Lifestyle
Quectel Unveils LR700A GNSS Receiver: Smart Base Station for RTK Networks or Standalone Precision Positioning
Boomi Agentstudio Achieves Rapid Adoption, Solidifying Boomi Enterprise Platform as Choice for Agentic AI at Scale

 
AI Glasses Market Poised to Hit 10 Million Units in 2026, Omdia Foreca...
DEWA collaborates with several organisations to expand EV fast chargin...
Games of the Future 2025 Set to Bring the World Together in UAE for th...
PhotonPay Partners with Thredd to Enhance Card Infrastructure
Quectel Strengthens GNSS Offering with RTKHOLD and Galileo OSNMA and H...
WHOOP Launches Clinician-Reviewed Advanced Labs, Unlocking a Comprehen...
Carta Acquires Accelex to Deliver AI-Powered Data Automation and Trans...
Neuraptive Begins Phase 3 Trial of NTX-001 for Upper Limb Nerve Repair...
SES Partners with Cailabs to Test Next-Generation Laser Communication ...
Vantiva and CommScope Achieve Download Speeds of 13Gbps with a Single ...

 

 

60, Gamasanro 27gil, Guro-gu, Seoul, Korea, e-mail: news@newsji.com

Copyright, NEWSJI NETWORK.