Notifications
Clear all
Topic starter
25/06/2026 2:57 pm
TL;DR: Certificate, device, and AI-era trust controls are converging into one governance problem, not separate tracks, according to DigiCert, which says it filed 32 patents in FY24, exceeding its initial target of 20 by 160%, with work spanning trust, certificates, IoT, content, encryption, machine learning and AI, and quantum security.
NHIMG editorial — based on content published by DigiCert: Pioneering the next wave of secure digital solutions
Questions worth separating out
Q: How should security teams govern certificate lifecycle at scale?
A: Security teams should treat certificate lifecycle as an ownership and workflow problem, not a purely technical renewal task.
Q: Why does digital trust now matter across IAM and NHI programmes?
A: Digital trust spans the identities that authenticate machines, applications, devices, and services, so failures in certificates or trust workflows directly affect access governance.
Q: When does AI-assisted trust automation create governance risk?
A: AI-assisted trust automation becomes risky when it starts influencing issuance, validation, or exception handling without clear human accountability.
Practitioner guidance
- Inventory certificate and trust dependencies Map where certificates, PKI workflows, and trust anchors are used across applications, devices, and service accounts so ownership is explicit before renewal or migration work begins.
- Separate AI-assisted validation from trust authority Document which trust decisions are only supported by machine learning and which decisions are actually authorised by policy, then require review for anything that changes identity, issuance, or verification state.
- Build a post-quantum transition inventory List cryptographic dependencies, long-lived certificates, and embedded libraries so you can prioritise systems that would be hardest to replace during a post-quantum migration.
What's in the full article
DigiCert's full blog covers the operational detail this post intentionally leaves for the source:
- Patent-category breakdowns that show how the company is prioritising trust, certificates, IoT, encryption, AI, and quantum work.
- The fiscal-year patent target and filing pace that explain the scale of the programme.
- Short descriptions of each innovation area, useful if you need to understand the patent themes rather than the governance implications.
- The forward-looking note on FY25 categories and innovation direction.
👉 Read DigiCert's blog on patents shaping the next wave of digital trust →
Digital trust patents: what do they mean for identity teams?
Explore further
25/06/2026 4:13 pm
Digital trust is becoming an identity governance problem, not just a cryptography problem. The patent mix spans certificates, IoT, AI, and encryption, which shows that trust now depends on how identities, devices, and transactions are issued and verified across the stack. That broadening matters because the failure mode is not one control breaking but multiple trust surfaces becoming harder to govern consistently. Practitioners should treat digital trust as a lifecycle and policy discipline, not a point product category.
A few things that frame the scale:
- 69% of organisations now have more machine identities than human ones, according to The Critical Gaps in Machine Identity Management report.
- 53% of organisations have experienced a security incident directly related to machine identity management failures, which shows the control gap is already operational, not theoretical.
A question worth separating out:
Q: What is the difference between certificate management and digital trust governance?
A: Certificate management handles the mechanics of issuance, renewal, and revocation. Digital trust governance is broader: it defines ownership, policy, evidence, escalation, and assurance across the systems that depend on those certificates. In practice, certificate management is one control inside a wider trust operating model.
👉 Read our full editorial: DigiCert patents point to the next phase of digital trust
