Perimeter

4/29/2010
04:32 PM
50%
50%

Symantec Takes $370 Million Plunge Into Encryption Market

Acquisitions of PGP, GuardianEdge will make security giant an immediate player, experts say

Symantec today placed a $370 million bet that encryption will play a key role in solving enterprises' future security problems.

In a single announcement, the security giant said it is acquiring PGP Corp. -- one of the industry's oldest and best-known enterprise email and data encryption tool vendors -- as well as GuardianEdge, which makes encryption tools for endpoint devices, such as laptops, smartphones, and portable storage devices.

Symantec will pay $300 million in cash for PGP and $70 million in cash for GuardianEdge.

Although it has built a huge business on security tools such as antivirus software and data leak protection, Symantec previously had not placed a high priority on encryption. Today's acquisitions show the company is making a shift in those priorities.

"Encryption technology is an important element of an information-centric security solution, as critical information is increasingly on mobile devices and in the cloud," the company said in a statement. "State and national governments are enacting more stringent and costly compliance mandates, such as the HITECH and UK Data Protection Acts, which are driving the need to encrypt sensitive information and protect an individual's privacy. Also, the increased costs and frequency of data breaches are driving the adoption of encryption as companies strive to mitigate risk.

"By bringing together PGP and GuardianEdge's standards-based encryption capabilities for full-disk, removable media, email, file, folder and smartphone, with Symantec's endpoint security, data loss prevention and gateway security offerings, Symantec will have the broadest set of integrated data protection solutions. This unique portfolio will address the data protection needs of all major customer segments from the largest enterprises and governments to small businesses and individuals."

Industry analysts generally praised the acquisition.

"Symantec has been showing that it is getting considerably better at acquisitions and integrations," says Nick Selby, managing director at security consultancy Trident Risk Management. "By adding GuardianEdge's largely already integrated management of endpoint and port and device control and PGP's key management and encryption chops -- not to mention PGP's acquired technology from Chosen -- Symantec is developing a credible answer to McAfee/Safeboot/Onigma and Sophos/Utimaco, though on a much larger scale."

"What I really like about these acquisitions is that they go well beyond PC full-disk encryption alone," says Jon Oltsik, principal analyst at Enterprise Strategy Group. "With PGP and GuardianEdge, Symantec gets a geographically dispersed installed base, a leading standards-based key management platform, a PKI SaaS offering, a strong government presence, and encryption coverage from mobile devices to mainframes.

"Yesterday, Symantec was lagging in encryption and key management. Today, with PGP and GuardianEdge, it is now able to provide leading solutions worldwide."

Symantec says it plans to integrate "key features and functionality from each company's offerings" and standardize on the PGP key management platform in order to deliver centralized policy and key management capabilities across the entire suite of encryption solutions.

Symantec also intends to integrate the PGP key management platform into the Symantec Protection Center, which simplifies security information management by providing consolidated access to threat, security, and operational reporting.

Integration of both companies' technologies into the Symantec product line will not be easy, Selby warns. "This is not a walk in the park," he says. "Large-scale key management and policy-based encryption in an enterprise are nontrivial tasks, and while Symantec is improving, it has in the past suffered from integration and organizational challenges."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
10 Ways to Protect Protocols That Aren't DNS
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/16/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-10727
PUBLISHED: 2018-07-20
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive ...
CVE-2018-8018
PUBLISHED: 2018-07-20
Apache Ignite 2.5 and earlier serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a spe...
CVE-2018-14415
PUBLISHED: 2018-07-20
An issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists via the fourth and fifth input elements on the admincp.php?app=prop&do=add screen.
CVE-2018-14418
PUBLISHED: 2018-07-20
In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI.
CVE-2018-14419
PUBLISHED: 2018-07-20
MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.