As SSL certificate lifespans shrink and quantum threats move closer to reality, organizations are being pushed to rethink how they manage trust, automation, and cryptographic resilience. In this conversation with Tech Achieve Media, Anant Deshpande, Regional Vice President, India & ASEAN at DigiCert, shares insights on how Indian organizations are preparing for zero-touch automation, navigating varying levels of digital maturity, and future-proofing their security posture with DigiCert ONE while also ensuring post-quantum readiness and measurable business outcomes.
TAM: Industry trends suggest that by late 2026, we might see the first “internet-breaking” outages due to 6-month (or shorter) SSL certificate lifespans. How does the local DigiCert ONE instance specifically help Indian organizations achieve the “Zero-Touch Automation” required to survive 45-day certificate cycles?
Anant Deshpande: I think India is very much aligned with global trends. From my personal experience and conversations with customers, Indian organizations clearly recognize that these capabilities need to be put in place, and they have already started gearing up for it. In fact, we are already seeing early wins, including deployments of the DC1 platform across multiple organizations.
This is not limited to public certificates alone, but also extends to private certificates and software trust signing. That said, the early adopters are likely to be sectors such as banking, financial services, and telecommunications. These are the organizations that will probably step in first and lead the adoption.
TAM: With enterprises at varying levels of digital readiness, what approach do you take to help less-digitized organizations successfully adopt zero-touch automation?
Anant Deshpande: We already have several self-service models in place, and if you visit digicert.com today, you’ll see that clearly. There is a strong focus on enabling self-service for customers. A big part of this is our use of open APIs. We recognize that customers operate in very diverse environments, so we’ve built flexibility into the platform and given them the ability to integrate easily with our systems. Whether it’s a small setup running on Azure or AWS, or any other cloud platform, customers can essentially get started with just a few clicks. That’s the kind of simple, user-friendly, self-service experience we aim to provide.
TAM: With Q-Day still some time away and broader urgency yet to fully set in, how do you ensure that the post-quantum cryptography capabilities being integrated into local DigiCert ONE instances today do not become obsolete or “dead on arrival”?
Anant Deshpande: It won’t be dead on arrival because it’s governed by a set of standards that are built directly into the platform, specifically the FIPS standards used by NIST. We’re already compliant with these standards. We’re working with multiple algorithms, including 204 and 205, with 206 on the way, what many people may recognize as Sphincs, Falcon, and Dilithium. These are already embedded into the platform today. Because of that, this is not something that will be obsolete at launch.
Also read: DigiCert Flags Five Key Digital Trust Trends Reshaping Enterprise and AI Security
TAM: What according to you are the measured performance gains of moving the PKI (Public Key Infrastructure) engine to DigiCert ONE?
Anant Deshpande: Once customers start operationalizing these platform capabilities, the next question is how to measure them effectively. What we usually tell customers is to relate everything back to business metrics. For example, metrics like MTTR and MTDD, which is time to respond and time to detect, are commonly used from a hardware or infrastructure perspective. The challenge is extending that same thinking into PKI.
The second step is to build a complete picture of the organization’s digital cryptography landscape. This means understanding where you are compliant and where you are not. Organizations typically have a mix of long-lived, short-lived, and even extremely short-lived certificates that sometimes last only minutes in containerized environments. That makes having a full inventory and composition of certificates and software critical.
From there, you move into composition analysis. The third step is to review applications, starting with the most business-critical ones, and assess, from a PKI standpoint, how well they align with overall security hygiene and regulatory requirements. That’s usually the right place to begin.
Finally, you look at blind spots. This includes metrics such as the number of open and unpatched vulnerabilities. Tracking these gives organizations a clear baseline, where they are today and where they want to be over the next five or six months, based on their own processes and priorities.
TAM: So who actually loses sleep over compliance and cyber risk now?
Anant Deshpande: The answer is simple: DigiCert does, so our customers don’t have to.
