New data reveals widespread concern but low readiness as enterprises face the dual threats of shrinking certificate validity and quantum risk
Sectigo, a global leader in digital certificates and automated Certificate Lifecycle Management (CLM), today announced the findings of its inaugural State of Crypto Agility report, with data and insights analyzed by global research firm Omdia. The comprehensive report explores enterprise readiness for two major shifts reshaping digital trust: the CA/Browser Forum's mandate to reduce SSL/TLS certificate lifespans to just 47 days by 2029 and the migration to post-quantum cryptography (PQC) by 2030.
"SSL/TLS public certificates and their underlying cryptography have been remarkably stable for 30 years, acting as an invisible component of IT infrastructure, but that era is over," said Tim Callan, chief compliance officer at Sectigo. "Today, certificates are front and center in the fight to secure our digital future. Building certificate agility now is the fastest path to achieving the crypto agility required for post-quantum cryptography readiness later."
Both changes individually represent significant operational and security challenges, but together they demand a transformative approach toward cryptographic agility. 90% of organizations recognize an overlap between their preparedness efforts for short-lived certificates and PQC readiness, with the transition to 47-day certificates serving as an essential onramp to PQC adoption. Yet overall organizational readiness for either remains critically low.
Key findings from 272 global IT decision makers across industries and business sizes include:
47-day SSL/TLS certificates
- 96% of organizations are concerned about the impact of shorter SSL/TLS certificate lifespans on their business. Less than 1 in 5 (19%) organizations feel very prepared to support the coming shift to 47-day certificate renewal cycles.
- Only 5% have fully automated certificate management, leaving a staggering 95% who remain at least partially dependent on manual processes, dramatically increasing operational and disruption risk as renewal frequencies accelerate.
- Just 28% have a complete certificate inventory, and only 13% are extremely confident they are tracking all (even rogue) certificates.
PQC migration
- 98% of organizations have or expect to experience challenges with PQC implementation and 92% expect to encounter some sort of barrier during PQC implementation.
- Only 14% have conducted a full assessment of quantum-vulnerable systems.
- Only 15% feel extremely confident in their ability to integrate PQC without major disruption.
- 90% have budgets allocated to PQC preparedness initiatives within the next 12 months and 92% expect to increase that investment over the next 2-3 years.
"The data underscores a critical inflection point for enterprises," said Rik Turner, chief analyst, cybersecurity, at Omdia. "Managing shorter certificate lifecycles cannot be treated as a separate IT task; it is central to building crypto agility necessary for the PQC transition. The coming years will test organizations' ability to adapt their cryptographic infrastructure at scale under pressure, and those who fail to prepare now face heightened operational and cybersecurity risk."
Sectigo remains committed to providing organizations with the tools, expertise, and guidance required to tackle these twin transitions head-on, ensuring a resilient and future-ready digital trust framework. You can read the full report here.
Additional resources
Explore report findings in-depth with the following additional resources including webinars hosted by Sectigo's Jason Soroko, senior fellow, and Tim Callan, chief compliance officer:
- Webinar: State of Crypto Agility (PQC focus), September 2, 2025. Register here.
- Webinar: State of Crypto Agility (47-day certificates focus), September 30, 2025. Register here.
- Blog: "The 2025 State of Crypto Agility Report"
About Sectigo
Sectigo is the most innovative provider of certificate lifecycle management (CLM), delivering comprehensive solutions that secure human and machine identities for the world's largest brands. Sectigo's automated, cloud-native CLM platform issues and manages digital certificates across all certificate authorities (CAs) to simplify and improve security protocols within the enterprise. Sectigo is one of the largest, longest standing, and most reputable CAs with more than 700,000 customers, six combined active seats in the CA/Browser Forum and ETSI, and two decades of delivering unparalleled digital trust. For more information, visit www.sectigo.com or follow us on LinkedIn.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250819381415/en/
Contacts:
Media Contact:
press@sectigo.com