Perimeter

4/29/2010
04:32 PM
50%
50%

Symantec Takes $370 Million Plunge Into Encryption Market

Acquisitions of PGP, GuardianEdge will make security giant an immediate player, experts say

Symantec today placed a $370 million bet that encryption will play a key role in solving enterprises' future security problems.

In a single announcement, the security giant said it is acquiring PGP Corp. -- one of the industry's oldest and best-known enterprise email and data encryption tool vendors -- as well as GuardianEdge, which makes encryption tools for endpoint devices, such as laptops, smartphones, and portable storage devices.

Symantec will pay $300 million in cash for PGP and $70 million in cash for GuardianEdge.

Although it has built a huge business on security tools such as antivirus software and data leak protection, Symantec previously had not placed a high priority on encryption. Today's acquisitions show the company is making a shift in those priorities.

"Encryption technology is an important element of an information-centric security solution, as critical information is increasingly on mobile devices and in the cloud," the company said in a statement. "State and national governments are enacting more stringent and costly compliance mandates, such as the HITECH and UK Data Protection Acts, which are driving the need to encrypt sensitive information and protect an individual's privacy. Also, the increased costs and frequency of data breaches are driving the adoption of encryption as companies strive to mitigate risk.

"By bringing together PGP and GuardianEdge's standards-based encryption capabilities for full-disk, removable media, email, file, folder and smartphone, with Symantec's endpoint security, data loss prevention and gateway security offerings, Symantec will have the broadest set of integrated data protection solutions. This unique portfolio will address the data protection needs of all major customer segments from the largest enterprises and governments to small businesses and individuals."

Industry analysts generally praised the acquisition.

"Symantec has been showing that it is getting considerably better at acquisitions and integrations," says Nick Selby, managing director at security consultancy Trident Risk Management. "By adding GuardianEdge's largely already integrated management of endpoint and port and device control and PGP's key management and encryption chops -- not to mention PGP's acquired technology from Chosen -- Symantec is developing a credible answer to McAfee/Safeboot/Onigma and Sophos/Utimaco, though on a much larger scale."

"What I really like about these acquisitions is that they go well beyond PC full-disk encryption alone," says Jon Oltsik, principal analyst at Enterprise Strategy Group. "With PGP and GuardianEdge, Symantec gets a geographically dispersed installed base, a leading standards-based key management platform, a PKI SaaS offering, a strong government presence, and encryption coverage from mobile devices to mainframes.

"Yesterday, Symantec was lagging in encryption and key management. Today, with PGP and GuardianEdge, it is now able to provide leading solutions worldwide."

Symantec says it plans to integrate "key features and functionality from each company's offerings" and standardize on the PGP key management platform in order to deliver centralized policy and key management capabilities across the entire suite of encryption solutions.

Symantec also intends to integrate the PGP key management platform into the Symantec Protection Center, which simplifies security information management by providing consolidated access to threat, security, and operational reporting.

Integration of both companies' technologies into the Symantec product line will not be easy, Selby warns. "This is not a walk in the park," he says. "Large-scale key management and policy-based encryption in an enterprise are nontrivial tasks, and while Symantec is improving, it has in the past suffered from integration and organizational challenges."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2018
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften Technologies,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8030
PUBLISHED: 2018-06-20
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 a...
CVE-2018-1117
PUBLISHED: 2018-06-20
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this cou...
CVE-2018-11701
PUBLISHED: 2018-06-20
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
CVE-2018-11702
PUBLISHED: 2018-06-20
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
CVE-2018-11703
PUBLISHED: 2018-06-20
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.