Very rarely do I ever get to witness the effects of a corporate takeover first hand but the acquisition of PGP by Symantec, announced lunchtime on the last day of InfoSec 2010, was to be different.
I had been through the usual InfoSec battering of interviews, key notes and random discussions which are the hallmark of this important annual event. My antenna was starting to pick up some odd behaviour chez PGP. Stranded executives unable to attend “because of the ash” (because of the cash?) coupled with a rather bizarre discussion with another very pre-occupied executive on the Thursday morning who insisted they “only had time for a 10 minute chat” and hid their laptop from view in the public display area.
Clearly something was not right.
I was sitting on the Symantec stand an hour or so later having a chat with a senior product person when I was told the news. What was to be a pleasant discussion about Symantec turned into a bit of a navel gazing exercise as we all ruminated about the ramifications of the deal.
Symantec has had an encryption-sized hole in their offering that had been papered over but never properly filled. Unlike McAfee, who realised the importance of encryption and went after Safeboot in late 2007, Symantec never really took the plunge until this week. The OEM relationship that Symantec had with GuardianEdge provided them with some data protection experience which has now been confirmed with the purchase of that company for a seemingly cheap £70M.
Certainly in the past I had heard good things about GuardianEdge but have been rather disappointed in their performance over the past couple of years as they seemed to retrench back to the US, neglecting EMEA. Maybe it was a BOGOF—Buy One Get One Free—and Symantec thought they may as well pay a bit more and get GuardianEdge as well.
PGP have been upping their game recently, as was demonstrated by the TrustCenter acquisition, taking them further into the security infrastructure world. The strategy appeared to resonate well and gave me cause to think that PGP had finally gotten their strategic act together and were set on a very interesting path. Clearly Symantec thought the same hence the $300M deal.
Symantec now have to turn this acquisition into something useful, and something that will prove the market wrong, many of whom consider them to be synonymous with irritating bloatwear. PGP is good, well proven technology that carries a strong brand and should not be sucked into the “Borg” never to be seen again.
As for the PGP people I saw on Thursday afternoon at InfoSec, clearly they were too junior to be counting their stock options and were actively considering their futures. I for one felt an urge to give them all a hug and tell them it will all come right in the end, my only hope is that I am right.