• United States



Contributing Writer

PGP’s “Under the Radar” Acquisition

Feb 03, 20102 mins
Cisco SystemsData and Information Security

Purchase of TC TrustCenter and ChosenSecurity Has Strong Potential

Today, PGP announced that it plans to acquire TC Trust Center and ChosenSecurity. Never heard of them? You are not alone. Basically, TC TrustCenter and ChosenSecurity provide Software-as-a-Service (SaaS) for Internet-based trust relationships. Okay, some of you may think that this is simply a way to spin PKI into marketing-speak and you are right to some extent. Why bury the PKI lead? Unfortunately there is a stigma around PKI that has lingered for years. In the past, few applications supported PKI and enterprise PKI servers were simply too difficult to install and manage. Yes, security professionals understand the benefits of PKI but they were scared to death by implementation, customization and administration horror stories.TC TrustCenter and ChosenSecurity didn’t change PKI, they simply mastered it themselves and made it virtually transparent to customers. As a result, PKI can be embedded into applications, identities, and systems as a service.To me, this acquisition has upside potential for PGP far beyond existing business growth because:1. PKI may be the perfect SaaS offering: It offers tremendous value without the resource commitment in skills, product acquisition, administration, etc. 2. What’s one of the things that is broken on the Internet? The element of trust. If I don’t know if a site is trustworthy, how can I be sure if downloaded software will perform as advertised or turn my system into a zombie? The same holds true for systems, individuals, transactions, etc. PKI, if implemented and managed correctly by a trusted third-party, can help address this problem.3. In my humble opinion, PKI as a service will be baked into a lot of things in the future (like cloud computing for example).4. I don’t know how much business PGP does with the U.S. Federal Government or other national governments now but it just put itself in a position to do a heck of a lot more.5. Finally, when we encrypt most of our data in the future, someone will have to manage millions of net new encryption keys. PGP is now in a position to act as a key management or key escrow service.I could go on and on but I won’t. I’ve always been one of few fans of PKI so PKI as a service brings out the excitable geek in me. Obviously, some of the folks at PGP share this enthusiasm.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author