When you think about the most exciting advances in IoT, energy, or infrastructure tech, you probably picture cutting-edge devices, data models, and platforms. What you don’t picture—but should—is a clean, well-integrated public key infrastructure (PKI) running behind it all.

That’s what stood out in our recent work with Wattwatchers, an Australian energy innovator scaling its smart device fleet to serve enterprise clients like utilities and commercial property managers. Their technical leap wasn’t just in the devices themselves, but in how they architected security into the core of their operations—from provisioning to firmware deployment.

From startup scrappiness to enterprise standards

Wattwatchers had the classic scale-up challenge: How do you grow from a lean startup serving consumers into a serious player in energy infrastructure—without bloating your team or breaking your processes?

The answer: you automate what’s critical, starting with trust.

As Wattwatchers moved toward launching their 6MW IoT device, the team needed to meet strict expectations around device identity, firmware integrity, and operational transparency. That meant integrating PKI and firmware signing directly into their CI/CD pipeline—not as an afterthought, but as a core function.

Why firmware signing is essential (and often underestimated)

In the IoT world, firmware isn’t just software—it’s the heartbeat of the device. If it's compromised, so is everything else. That’s why automated firmware signing is increasingly seen as a non-negotiable part of secure device management.

For Wattwatchers, this meant ensuring every firmware update was cryptographically signed and verified before deployment. They didn’t just want the ability to sign—they needed it embedded into every release cycle without manual touchpoints.

This kind of automation has two big benefits:

1. It locks down the software supply chain, ensuring only verified code runs on devices.
2. It keeps developers moving, integrating security into the flow of the work instead of bolting it on at the end.

In Wattwatchers’s case, the process went from “how would we even start” to “fully operational in under a week.”

API-first security: Why usability matters

One of the most interesting insights from Wattwatchers’s implementation was how much they valued API usability. Their feedback on the DigiCert API boiled down to this: "It thinks the way we do."

That’s more than just praise—it’s a reflection of a critical shift in enterprise security. When teams choose solutions that prioritize developer experience, they get faster adoption, cleaner integration, and better long-term outcomes.

For security tools to succeed in fast-moving environments like IoT or DevOps, they need to meet the team where they are: in the CI pipeline, in the deployment scripts, in the real-world workflows—not behind a slow GUI or a rigid protocol.

Why it worked: Security and scale without the sprawl

Wattwatchers achieved what many scaling tech companies aim for: enterprise-grade security without scaling up operational complexity.

By automating certificate provisioning and firmware signing, they built a secure infrastructure that’s ready for long device lifecycles, stringent compliance needs, and enterprise-level scrutiny—without needing to dramatically grow their team.

In fact, Wattwatchers estimates the approach saved them over AU$40,000 in deployment costs.

But more importantly, it unlocked new business. Roughly half of their current sales pipeline includes customers that demand this level of security. Without it, those deals wouldn’t be on the table.

Wattwatchers’s journey offers a playbook for IoT companies looking to scale smart—and secure. Read the full case study to see how they automated their device trust infrastructure with DigiCert ONE.

The latest developments in digital trust

Want to learn more about topics like DigiCert ONE, PKI, or the Internet of Things? Subscribe to the DigiCert blog to ensure you never miss a story.