Telecommunications operators face a new cybersecurity challenge with accelerated digital certificate renewal

Less than six months remain. On March 15, 2026, SSL/TLS digital certificates expire and CISOs and IT teams will need to double the frequency at which they issue and renew security standards. This is due to a decision adopted by the CA/Browser Forum, the entity that regulates global digital trust standards. Failing to pay attention to the shortening of these time windows risks leaving systems and networks exposed to vulnerabilities and failures that can generate serious problems. Some telcos are already suffering the consequences of not giving security the priority it demands. It will be a challenge for those responsible for cybersecurity in organizations, especially among those companies—perhaps the smaller ones—that still perform this work manually. As certificate validity periods are reduced, any error in management can result in expirations, service interruptions, or critical vulnerabilities. And in those environments where administration is still handled with spreadsheets, scattered reminders, or decentralized processes, the risk of failures is increasing. While this is a change that will affect companies across all types of activities, the telecommunications sector bears additional responsibility. They provide the infrastructure upon which any digital transformation initiative within organizations is built. "In the telecommunications sector, where infrastructures are highly distributed and critical services must operate without interruption, digital certificate management requires special attention," Néstor Markowicz, COO of CertiSur, told TeleSemana.com. For the executive, each expired certificate can cause essential services to go offline, customer platforms to be blocked by browsers, or authentication and billing APIs to stop communicating correctly. In a matter of minutes, this can translate into massive service outages, loss of revenue, and reputational damage. The case of SK Telecom, which exposed the data of millions of its customers and received a heavy penalty from South Korea's regulator, is an example of how far organizational risk extends when security is not given due attention. When an SSL expires and the corresponding update is not made, in critical environments like telecommunications, there is a risk of massive sensitive data breaches, among other incidents. CertiSur assured that it is possible to help companies simplify certificate discovery and automate SSL certificate renewal across multiple environments to avoid service outages, ensure operational continuity, and strengthen security across all channels. Especially in an environment where availability is synonymous with trust, and maintaining proactive certificate management is a key requirement, as expressed by Markowicz. "It is impossible to maintain manual management in this new scenario. An IT analyst and an Excel spreadsheet are not enough. The only viable alternative is automation," concluded the executive. "We are helping our customers prepare not only for 2026, but also for what comes next: in 2027 validity will be reduced to 100 days and in 2029 it will drop to just 47 days. The future of PKI management is, inevitably, with automation," adds Markowicz. With less than six months until the measure takes effect, the expected impact will be significant: it will double the workload of IT teams and will test the maturity of digital security processes in companies. The trust that organizations generate with their customers will also depend on that security.Source: TeleSemana