TL;DR: Machine identity management is being reshaped by tighter certificate lifetimes, agentic AI, evolving regulation and post-quantum planning, according to Keyfactor’s Spanish-language webinar on 14 July 2026. The governance gap is no longer theoretical: machine identity programmes must cope with shorter trust windows, more automation and a deeper cryptographic transition at the same time.
NHIMG editorial — here’s why we think this discussion matters
By the numbers:
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
- 92% of organisations expose NHIs to third parties, raising concerns about supply chain security.
Questions worth separating out
Q: How should security teams manage machine identities when certificate lifetimes keep shrinking?
A: Security teams should automate discovery, issuance, renewal and revocation so certificate lifecycle work no longer depends on manual timing.
Q: Why do machine identities become harder to govern as AI and cloud adoption increase?
A: They become harder to govern because the number of non-human credentials rises faster than the processes built to track them.
Practitioner guidance
- Automate certificate issuance and renewal: Map every TLS certificate to an owner, an expiry policy and a renewal workflow.
- Build a complete machine identity inventory: Catalog service accounts, workload certificates, API keys and signing credentials across cloud, CI/CD and application platforms.
- Tie post-quantum work to cryptographic dependency mapping: Identify where vulnerable algorithms are used, which applications depend on them, and which teams own replacement.
What to expect at the briefing
Keyfactor's full webinar covers the operational detail this post intentionally leaves for the source:
- The webinar walks through practical approaches to automating certificate and key management at scale across machine identity estates.
- It outlines how organisations can adapt to a 47-day TLS lifecycle and what that means for renewal workflows and governance.
- It previews the regulatory and post-quantum considerations that shape machine identity roadmaps for 2026 and beyond.
- It provides the Spanish-language presentation format and the CPE credit context for teams attending live.
Machine identity readiness in 2026: are your controls keeping up?
Explore further
Machine identity sprawl has become a governance problem, not just an operations problem. When certificates, keys and workload credentials are managed as isolated infrastructure artefacts, the programme loses sight of ownership, lifecycle and blast radius. That is why machine identity now belongs in IAM and NHI governance, not only in platform operations. Practitioners should treat identity inventory and lifecycle control as the core programme boundary.
A few things that frame the scale:
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which explains why machine identity inventories so often lag behind the real estate.
A question worth separating out:
Q: Who should own machine identity and cryptographic readiness programmes?
A: Ownership should sit with the teams responsible for identity governance, platform security and critical application reliability, not a single operations silo. Machine identities affect access, availability and trust, so the programme needs shared accountability, a complete inventory and a migration plan that spans application, infrastructure and compliance concerns.