DigiCert today announced that it is acquiring the CyberTrust Enterprise SSL business from Verizon Enterprise Solutions. DigiCert is already a well-known and well-respected certificate authority (CA) and includes IBM, Sony, Facebook VMware, Intel and Harvard University among its customer base.
The acquisition, the financial terms of which are not being publicly disclosed at this time, will further bolster DigiCert’s customer ranks, while providing new security certificate options to Verizon’s customers. However, it’s not clear at this point how many customers the Verizon SSL (Secure Sockets Layer) business has. DigiCert Vice President of Operations Flavio Martins noted that Verizon does not break out customer numbers.
“Verizon is focused on its strategic security offerings such as network, managed and advanced threat solutions,” Mike Denning, vice president, global security for Verizon Enterprise Solutions said. “Once the transition is complete, Verizon customers will have access to DigiCert’s managed public key infrastructure (PKI) platform, certificate lifecycle management tools and specialized expertise, further helping to safeguard an organization from cyber-threats.”
Martins added that DigiCert expects the acquisition will have little to no impact on Verizon employees, as the deal is focused on DigiCert extending its managed PKI solutions to Verizon customers and expanding its enterprise SSL customer base.
“Customers are our first priority,” he said. “We plan to work individually with every client to ensure a smooth transition to DigiCert’s industry-leading managed PKI services.”
Aside from customer acquisitions, there are also some technology assets that DigiCert will be picking up from Verizon as part of the SSL business acquisition. With the transaction, DigiCert will assume management of several root certificates along with intermediate certificates, Martins said.
“The addition of these roots and intermediates is for operational purposes,” he said. “The deal is mainly aimed at increasing DigiCert’s reach into the enterprise SSL market and giving Verizon customers the additional managed PKI solutions they need to continue to efficiently manage SSL/TLS [Transport Layer Security] in the future.”
The market for SSL is relatively mature, with the last major SSL/TLS acquisition being Symantec’s $1.28 billion purchase of VeriSign’s authentication business back in 2010.
While SSL/TLS and PKI remain the cornerstones of Internet and enterprise security, there have been numerous challenges in recent years. In fact, SSL itself is no longer a recommended protocol for secure transport, since the POODLE flaw was disclosed in November 2014. Most security experts and compliance requirements, including PCI-DSS (Payment Card Industry Data Security Standard), no longer accept SSL as a secure protocol and instead recommend the use of TLS, which is the successor to SSL.
In a recent video interview with eWEEK, DigiCert Chief Security Officer Jason Sabin detailed some of the security challenges facing his organization and its clients.
“We are the trusted authority to issue digital certificates,” Sabin said. “We’re always looking at new ways to increase validation.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.