I spoke with Kevin Weiss, CEO of Sectigo, about the major trends driving today’s certificate lifecycle management (CLM) market, including the pressing need for certificate automation as these digital assets proliferate.
Sectigo issues certificates that enable customers to encrypt traffic between websites and users, among other purposes. “So we not only issued 255 million certificates last year, we moved into the certificate lifecycle management space where we help people automate certificates,” Weiss said.
The company’s automation service includes managing SSL certificates issued by both Sectigo and other certificate vendors, on both the public and private side of the market, ranging from websites to servers to enterprise workloads.
“When you think about all the servers and hardware that are out there, there are probably 10 times as many machines as there are people. And then when you think about workloads, it’s infinitely greater than the number of machines. So the proliferation of certificates and the need to encrypt traffic and transactions – inside the firewall and outside the firewall into servers – has gone up exponentially over the last five to ten years. It’s really exploded.”
Interview Highlights: Kevin Weiss on Key Trends in CLM
This interview took place at the recent RSA Conference in San Francisco. The comments below have been edited for length and clarity.
The Need for Automation
“The certificate lifecycle management business has been around for probably 10 years,” Weiss said. The problem is that as new certificates have proliferated, certificate management hasn’t kept up. Plenty of companies are still trying to manage their certs using Excel spreadsheets.
“Good old Excel still works very, very well,” he said. “But as you get more and more certificates and as people change jobs or somebody leaves the business, the ability to access the spreadsheet and know when a certificate is going to expire becomes a real challenge. We see this every day.
“If you look at last year, for example, Starlink went offline and it was offline for maybe three or four hours. And the next day Elon [Musk] tweeted that, ‘apologies, we had an expired certificate. We’ll do better.’
“So expired certificates can be very, very problematic for making your services available. Certificates are left out there in an environment and aren’t focused on. And if a bad actor gets a hold of it and begins to compromise your environment, that’s a problem. So the need to know where all of your certificates are in an environment, both on the public facing side and inside the firewall, is critical. And that’s what is really driving the need for this automation.”
Sectigo and SCM Pro
“What I like to say is: perfection is the enemy of the good enough. And so what Sectigo is trying to do is tackle 80 to 90 percent of what most enterprises need and then help them fill in the gaps later on. For us, the real goal is to continue to make [service] available.
“We just announced a product recently for the small end of the market, which we call SCM Pro, and it’s a certificate lifecycle management solution for small businesses. And basically we automate the entire lifecycle of that certificate. Once you sign up for the service, we’ll manage it forever for you.”