Software vendor Venafi, a provider of "Next Generation Trust Protection", yesterday released details of its research into the impact on Australian businesses from unprotected cryptographic keys and digital certificates. The report was based on a survey of more than 2300 global IT security professionals and reveals how unprotected and poorly managed keys and certificates result in a loss of customers, costly outages, failed audits and security breaches. "When businesses fail to be properly secure and manage their keys and certificates, there is a direct financial impact with lost customers and lost revenue," said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. "Every business relies on the trust provided by keys and certificates to operate, even if they don't realise it. That's why it's imperative that IT ops and IT security teams conduct regular audits to locate all the certificates and keys they are using, determine expiration dates, and then put proper policies in place to avoid data breaches, unplanned outages, and failed audits."This increased reliance increases risk for availability, compliance, and security. However, the amount of risk is not equal across these areas—the security risks dwarf the availability and compliance risks nearly seven to one, with US$53 million of security risk over the next two years compared to US$7.2 million in combined compliance and availability business risks.Stephanie Jaques, senior project manager at Westpac (and a Venafi customer), said that all aspects of cyber security had been elevated to the bank's boardroom following major outages and hacks at other large corporations in recent years. Jaques said Westpac had boosted its investment in digital technologies - including 'business as usual' costs such as keeping a handle on their keys and certificates, as well as running a small scale operation in the past three months to test the group's reliance on keys and certificates.