PGP Blogs

CEO Blog

PGP Acquisition of TC Trust Center and Chosen Security
Friday, February 5th, 2010

We are, of course, very pleased to announce the acquisition of TC TrustCenter and its US parent company, Chosen Security. You can read the details and view a short presentation describing the reasons for this acquisition here. I didn’t want to let the week pass, however, without offering a personal perspective on why PGP Corporation needs to have a position in the trust services market and why we chose TC TrustCenter as our way of providing these services.

When we started PGP Corporation seven years ago we were focused on building the most robust and easiest to use encryption solutions in the world. We had watched the first generation of PKI companies approach this problem from the direction of offering “trusted communications” and concluded the market and users in particular weren’t ready for that approach.

In 2002, enterprises and individuals had data privacy issues they needed resolved, but they needed them resolved quickly and within the context of the then existent communications infrastructure. That infrastructure was not yet ready to support a new, heavy-duty layer of security infrastructure. It would have been similar to building a 100-floor steel and glass skyscraper directly atop a three-story brownstone. So, instead PGP Corporation focused on applications that protect data in motion and at rest and integrated them into a single, comprehensive management platform.

Fast forward to 2010 and the world and the approach to data protection has evolved. While enterprises are now spending more than ever to protect their networks, it’s commonly understood that network security technology is not keeping pace with the threats now aimed at those networks. The cost of data breaches continues rise even though most forms of electronic communication have some form of security either built in or layered atop them. Nearly all of these security approaches depend upon keys and certificates that are used either to encrypt the content or guarantee the identity of the sender and/or receiver.

The problem is that there are now so many of these certificates in use for so many different purposes that it has become nearly impossible for an enterprise to effectively manage them all, let alone determine which are current and valid. This problem will only get worse as the world’s hacker community begins to exploit the weaknesses in the current certificate generation, distribution and management systems. We’ve already seen attempts to insert “bandit keys” into corporate key chains to allow hackers to read encrypted email. We can expect exploits such as this one to multiply in the coming years. For this reason, we decided last year that PGP Corporation would need to extend its encryption and security product line to include trust services so that our customers can use our products with confidence while communicating with the broadest range of customers, partners, and regulators globally.

We chose TC Trust Center as our path to market for two reasons. First, they bring unprecedented breadth and depth of experience to the trust services market. Their executive team has dozens of years of experience in the space and a proven track record of building successful security businesses.

Second, the way they have designed and built their products is completely consistent with PGP Corporation’s worldview. TC TrustCenter’s platform enables secure electronic transactions across individuals, servers, and mobile devices.

Today’s announcement, of course, is just the beginning. In the coming months we’ll be telling you about our vision of how combining trust services with the PGP® Encryption Platform will allow us to build solutions to address threats that are just now emerging. With hackers stockpiling Zero Day threats, and more applications and data moving into the cloud, these new security solutions will be required business enablers of the cloud migration plans for many enterprises. With the combined offerings of PGP Corporation, Chosen Security and TC TrustCenter, we will address threats aimed directly at IT infrastructure as well as the increasing number of threats now targeting endpoint devices . These trusted offerings will not only build confidence in the infrastructure of an organization, they will build confidence to withstand threats to data as it moves in and out of an organization.

We are very excited by the opportunities that combining our two companies and technologies offers us. I extend my welcome to my new TC TrustCenter and Chosen Security colleagues to the PGP Corporation family.

You can leave a response here, or send a Trackback from your own site.

Previous Article: Five Great Cloud Computing Security Resources
Next Article: PGP Key Management Server

This blog represents the personal opinions of certain employees of PGP Corporation and do not necessarily reflect the positions or opinions of PGP Corporation. As such, these personal opinions are not endorsed by PGP Corporation and you should conduct independent assessments before basing any decision upon the statements made in this blog.

MANAGERS, HOSTS, PARTICIPANTS, MODERATORS AND OTHER THIRD PARTIES ARE NOT AUTHORIZED PGP CORPORATION SPOKESPERSONS, AND THEIR VIEWS DO NOT NECESSARILY REFLECT THOSE OF PGP CORPORATION, AND ARE NOT ENDORSED BY PGP CORPORATION. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PGP CORPORATION WILL HAVE NO LIABILITY RELATED TO USER CONTENT ARISING UNDER INTELLECTUAL PROPERTY RIGHTS, LIBEL, PRIVACY, PUBLICITY, OBSCENITY OR OTHER LAWS. PGP CORPORATION WILL ALSO NOT BE LIABLE FOR MISUSE, LOSS, MODIFICATION OR UNAVAILABILITY OF ANY USER CONTENT. PGP CORPORATION DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, AND CONDITIONS, WHETHER EXPRESS OR IMPLIED WITH RESPECT TO THE BLOG OR BLOG CONTENT. YOUR USE OF THIS SITE AFFIRMS AGREEMENT TO THE FOREGOING.

PGP Blogs RSS Feed