Leading analysts report that the average cost of a critical infrastructure outage in Global 5000 organizations can average $5,600 per minute, or more than $300,000 per hour. For large networks, severe outages can take days to resolve and cost as much as $500,000 per hour or more. Certificate-related outages can be especially problematic in highly digital sectors like the financial services industry, where the impact on business revenue often goes hand in hand with customer experience and satisfaction.
So, are financial service organizations more likely to suffer from certificate-related outages? Venafi recently conducted of a study examining the scale and frequency of certificate-related outages in financial services organizations. Over 100 chief information officers (CIOs) in the financial services industry from the U.S., U.K., France, Germany and Australia participated in the study.
According to the results, financial services organizations are more likely to have digital certificate-related outages than other industries. In the last six months, 36 percent experienced an outage that impacted critical business applications or services. In addition, financial services CIOs are more concerned about the impact of certificate-related outages on their customers.
Additional findings from Venafi’s study include:
“Organizations from every sector struggle with certificate-related outages on critical infrastructure, but it’s clear that these issues are even more pronounced in the financial services industry,” said Kevin Bocek, vice president of security strategy and threat intelligence for Venafi. “The entire sector is focused on trust, performance and reliability, so they can’t afford service interruptions.”
Kevin continued: “At the same time, the industry has been transformed by open banking initiatives. As a result, financial services organizations rely on machine identities to secure and protect a wide range of business-critical, machine-to-machine communication. Unfortunately, these critical security assets are often unmanaged and unprotected, even though they protect mobile applications, containerization initiatives and cloud architectures.”