2025-11-29, Sat.

Top Stories       Business       Culture & Life       Science & Technology       World

Lecture

Notification

 

NEWS > Science & Technology


CSC Finds 60% of Firms Use 3+ SSL Providers, Complicating Certificate Management and Raising Security Risks

Forthcoming changes to SSL/TLS certificate life cycles poised to disrupt certificate renewal strategy.
Date: 2025-10-31

WILMINGTON, DEL. -- CSC, an enterprise-class domain security provider and world leader in domain management, DNS, digital certificate management, brand protection, and anti-fraud solutions, released its inaugural report. “The SSL Landscape” finds that approximately 60% of businesses use three or more secure sockets layer (SSL) providers and suggests a lack of centralized processes for SSL management. This and other evidence further suggest organizations are ignoring or delaying the implementation of a strategic response to the upcoming shortening of SSL certificate life cycles and domain control validation (DCV) re-use periods, opening them up to multiple points of risk.

CSC’s “The SSL Landscape” provides an in-depth analysis on use trends and patterns for more than 802,000 digital certificates linked to 2.4 million domains, including how organizations oversee SSL certificates and the impact on integrity assurance for their domains. The research comes at a key time when SSL/transport layer security (TLS) certificate life cycles are set to shrink from 367 days to 200 starting in 2026 to just 47 by 2029, and DCV re-use periods will decline from 367 days to only 10 by 2028, as mandated by the CA/Browser Forum. Therefore, organizations must update their strategies for renewing certificates nearly eight times a year instead of roughly once a year.

“SSL certificates play a critical role in authenticating the legitimacy and safety of an online brand, including the validation of credentials and the encryption of the connection between a website’s server and a user’s browser,” says Mark Flegg, senior director of technology, CSC Security Products and Services. “As the industry approaches shortened SSL certificate renewal life cycles, organizations cannot afford to delay their transitions to certificate automation or to compromise the security of their organizations with fragmented SSL management. It’s concerning that 72% of respondents we surveyed were either completely unaware of or didn’t know the details of the upcoming industry changes—and as many are unsure of or not ready for automation. Missed renewals could further bring down entire domains and applications that are the backbone of business operations—such as payment gateways, email, VPN, and collaboration tools for chat, video calls, and document sharing.”

According to CSC's research, domain validated (DV) certificates account for three-quarters (73.5%) of certificates while organization validation (OV) certificates represent nearly one-quarter (24.6%) and extended validation (EV) certificates account for less than two percent (1.9%). With low-cost, easy-to-obtain DV certificates dominating the market among organizations, cybercriminals leverage this trend by obtaining similar low-cost certificates to impersonate brands—making fraudulent websites look authentic with a https-secured site—tricking customers into clicking malicious links that compromise data. This research raises concerns about whether IT and security departments have a clear strategy on which certificate is obtained for each type of web asset.

CSC’s findings additionally show that the top three certificate providers are not enterprise-class providers, yet these providers supply the majority of DV certificates (89%) used by the analyzed organizations. The combination of easy-to-obtain certificates and consumer-grade providers who don’t offer the enterprise-class support needed to help companies prepare for upcoming SSL industry changes creates a recipe for serious disruption to organization services and reputation.

“Organizations are about to face the most transformative period for domain security,” continues Flegg. “A lack of understanding around proper certificate strategy, and the absence of urgency to effectively prepare for new certificate life cycles, will leave many online brands and digital identities playing a never-ending game of catch up. Those who prioritize automation, consolidating their certificate solutions providers, and working with enterprise-class domain partners will ensure a smoother, safer transition that minimizes the risk of costly expiration outages and security incidents.”

For more information on key trends in SSL management, download “The SSL Landscape.” 

 to the Top List of News
SK pharmteco Achieves Highest-Level My Green Lab Certifications Across Europe and Asia
Mainland China¡¯s Smartphone Market Declined 3% in 3Q25 as Vivo Regained Top Position Amid Intensifying Competition
IQM collaborates with NVIDIA on NVQLink to enable scalable quantum error correction
Digital Access Reaches Four in Five People Worldwide, DCO¡¯s DEN 2025 Finds
A Day With Charles Lonergan, Manufacturing Director at LG¡¯s Tennessee Smart Factory
IQM to Invest Over ¢æ40 Million to Expand Finland Production Facility, Accelerate Innovation and Fuel Growth
AsiaIPEX Creative Hub - The Global Platform for Creative Intellectual Property

 
IFF Plans New Scent Creative Center in Mumbai, India
Rigaku opens Rigaku Technology Center Taiwan
Esri Signs Strategic Collaboration Agreement with AWS to Advance Gener...
NURI SCIENCE Expands into Latin American Market through Exclusive Part...
SG Entertech Expands Snack VR to Southeast Asia, Seeking Local Partner...
Berry Consultants Releases FACTS 8 Clinical Trial Simulator
LambdaTest Unveils AI-Powered Web Scanner for Scalable Visual and Acce...
Altimetrik Completes Acquisition of SLK Software, Uniting Strengths to...
Merck Advances Patient-Centered Innovation in Treating Rare Neuromuscu...
NetApp and the 49ers Foundation Launch Data Science Education Partners...

 

 

60, Gamasanro 27gil, Guro-gu, Seoul, Korea, e-mail: news@newsji.com

Copyright, NEWSJI NETWORK.