HID Study Finds PKI Teams Under Pressure From AI, Compliance and Quantum Risk
PKI teams are being pushed to automate faster, prepare for quantum-era risks and secure emerging AI-driven identities, according to a new HID study.
HID has released a new market study showing that public key infrastructure is entering a period of rapid change as organizations respond to AI, automation, and post-quantum computing challenges. Reporting on a survey of more than 300 IT leaders in the US and Europe, HID says shrinking certificate lifespans, mounting compliance demands, and the rise of AI agents are forcing security teams to rethink how they manage digital trust.
HID reported that 76% of organizations have incorporated cloud components into their PKI infrastructure, but only 23% rely on fully cloud-based deployments.
According to HID, automation has become a top priority as manual certificate management is becoming increasingly difficult to sustain. The company noted that the CA/Browser Forum has approved a phased reduction in TLS certificate validity from 398 days to 47 days by 2029, a shift that is already driving change. HID said 67% of executives surveyed are automating renewal processes, while 61% plan to invest in PKI automation over the next 24 months.
The study also points to growing interest in PKI-as-a-service, although adoption of fully cloud-based PKI remains limited. HID reported that 76% of organizations have incorporated cloud components into their PKI infrastructure, but only 23% rely on fully cloud-based deployments. Larger enterprises, especially those with more than 100,000 employees, are leaning more toward hybrid models that combine cloud flexibility with on-premises control.
Compliance is another major driver. HID said nearly half of surveyed executives, or 45%, view regulatory compliance as one of the main business goals of PKI, while 39% treat it as a formal KPI. The company linked this trend to expanding regulatory pressure from frameworks and laws such as GDPR, the Cyber Resilience Act, NIS2 and HIPAA.
At the same time, readiness for post-quantum cryptography remains relatively slow. HID reported that only 12% of respondents are piloting PQC, while 25% are developing plans and 37% are still monitoring standards. The company added that larger enterprises and US-based organizations are moving faster than smaller peers, reflecting the scale and complexity of the coming transition.
HID also identified AI agents as a new identity category for PKI strategies. According to the study, 34% of organizations see AI agent certificates as a top trend, underlining how machine-to-machine trust is becoming a bigger part of enterprise security planning.
Image: HID Global Newsroom
