Telecommunications operators
With the new CA/Browser Forum regulation reducing the validity of SSL/TLS certificates starting in March 2026, organizations must prepare. Adopting discovery and automation practices becomes essential to sustaining trust and maintaining resilience in an increasingly demanding digital environment.
Less than six months remain. On March 15, 2026, SSL/TLS digital certificates expire, and CISOs and IT teams will need to double the frequency with which they issue and renew security standards. This is due to a decision made by the CA/Browser Forum, the entity that regulates global digital trust standards. Ignoring the shortening of these timeframes risks leaving systems and networks exposed to vulnerabilities and failures that can cause serious problems. Some telcos are already suffering the consequences of not giving security the priority it demands.
Less than six months remain. On March 15, 2026, SSL/TLS digital certificates expire, and CISOs and IT teams will need to double the frequency with which they issue and renew security standards. This is due to a decision made by the CA/Browser Forum, the entity that regulates global digital trust standards. Ignoring the shortening of these timeframes risks leaving systems and networks exposed to vulnerabilities and failures that can cause serious problems. Some telcos are already suffering the consequences of not giving security the priority it demands.
While this change will affect companies of all types, the telecommunications sector bears an additional responsibility. They provide the infrastructure upon which any type of digital transformation initiative within organizations is built.
“In the telecommunications sector, where infrastructures are highly distributed and critical services must operate without interruption, the management of digital certificates requires special attention,” Néstor Markowicz, COO of CertiSur, told TeleSemana.com.
According to the executive, each expired certificate can cause essential services to go offline, client platforms to be blocked by browsers, or authentication and billing APIs to stop communicating correctly. In a matter of minutes, this can translate into massive service outages, lost revenue, and reputational damage.
The case of SK Telecom, which exposed the data of millions of its customers and received a hefty fine from the South Korean regulator, exemplifies the extent of organizational risk when security is neglected. When an SSL certificate expires and is not updated, critical environments like telecommunications face the risk of massive data breaches, among other incidents.
CertiSur confirmed that it can help companies simplify the discovery and automate the renewal of SSL certificates across multiple environments to prevent service outages, ensure operational continuity, and strengthen the security of all channels. This is especially important in an environment where availability is synonymous with trust, and proactive certificate management is a key requirement, as Markowicz explained.
“It’s impossible to maintain manual management in this new scenario. An IT analyst and Excel spreadsheets aren’t enough. The only viable alternative is automation,” the executive concluded.
“We are helping our clients prepare not only for 2026, but also for what’s to come: in 2027 the validity period will be reduced to 100 days, and in 2029 it will drop to just 47 days. The future of PKI management is, inevitably, with automation,” adds Markowicz.
With less than six months until the measure takes effect, the expected impact will be significant: it will double the workload of IT teams and test the maturity of companies’ digital security processes. The trust that organizations build with their customers will also depend on this security.
Fuente: TeleSemana