PGP INSIGHT

PGP CEO Blog
17 Sep, 2008
Chapter 3: New Enemy, New Strategies, and a Few Old Weapons
If you’ve been following my blogs for the last couple of weeks, you know that we have entered a new phase in the war against hackers and cybercriminals. Moving forward, the bulk of data breaches perpetrated against private and public enterprises will be driven by large, well-organized criminal syndicates based primarily in Eastern Europe and Asia.
- Phil
10 Sep, 2008
Yesterday I had the privilege of visiting Bletchley Park to announce a new initiative that PGP Corporation is co-sponsoring with IBM to support the fine work being done at The National Museum of Computing (TNMOC) in the United Kingdom. TNMOC is housed at the same Bletchley Park facility that hosted the largest code breaking operation of World War II. It is dedicated to preserving the computing machines and history that have been critical in the development of Europe’s IT industry and the study of computer science worldwide. TNMOC already contains the largest collection of functioning historic computing devices in Europe.
- Phil
09 Sep, 2008
Chapter 2: Armies and Insurrections
I’ve written previously about the dangers of “fixed embattlements” in both warfare and data security. I’d like to extend this metaphor one step to provide some perspective on the changes that are now occurring in the war on cybercrime, as well as how we need to change our mindset. This is big business for criminals: in one year alone the cost of cybercrime jumped from $2 billion in 2006 to $7.1 billion in 2007 (http://www.baselinemag.com/c/a/Security/US-Fails-to-Prosecute-Internet-Fraud-Cases-Report), so we need to look at how the war is being fought if we are even going to begin to win some battles.
- Phil
07 Aug, 2008
It was heartening to see the news yesterday that eleven suspects have been arrested and charged with executing the epic TJX data breach. It was the largest data breach ever recorded when it occurred. The thieves made off with more than 40 million customer credit card records and authorities now estimate personal and corporate losses are in the hundreds of millions of dollars and rising. While the arrests are certainly good news, this case points out some of the key changes that have occurred in the battle to protect confidential information in the last couple of years.
- Phil
01 Apr, 2008
March marked the 118th anniversary of the birth of Vannevar Bush. Little known outside of “Big Science” circles, Bush was responsible for the development of the federal scientific research system as we now know it. Bush (no relation to either President) was responsible for putting in place the system of collaboration between civilian scientists and the military that enabled the development of many of the weapons systems that were directly responsible for the Allied victory in World War II, including the proximity fuse, sonar, and the Norden bombsight.
- Phil
24 Mar, 2008
It’s been really interesting watching the variety of reactions to the announcement two weeks ago that a Princeton based team had found a way to extract data (including encryption keys) from laptops even when they are supposedly "off".
- Phil
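The Princeton result mentioned above is the February 2008 cold-boot paper (Halderman et al., "Lest We Remember"): DRAM keeps its contents for seconds to minutes after power is cut, and the paper locates AES keys in the captured image by searching for the expanded key schedule rather than the bare key, tolerating the bit decay that sets in as the chips lose power. The block below is an added example written for this page, not code from the Princeton team or from PGP Corporation. It implements the FIPS-197 AES-128 key expansion and slides a 16-byte window over a memory image, reporting any window whose following 160 bytes match its own expansion within a mismatch budget. The memory image is constructed (pseudo-random filler with one schedule planted at offset 10000), the key is the FIPS-197 sample key, and the names `find_aes128_keys` and `build_demo_image` are this example's own.

```python
"""Search a memory image for AES-128 key schedules (the cold-boot key-finding idea).
Added example for this page; not the Princeton team's or PGP's code."""
import random

RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def _gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def _build_sbox():
    """Derive the AES S-box (GF(2^8) inverse, then the affine map) instead of pasting the table."""
    sbox = [0x63] * 256  # S-box(0) = 0x63; every other entry is computed below
    for x in range(1, 256):
        inv = next(y for y in range(1, 256) if _gf_mul(x, y) == 1)
        s, r = inv, inv
        for _ in range(4):  # s = inv ^ rotl(inv,1) ^ rotl(inv,2) ^ rotl(inv,3) ^ rotl(inv,4)
            r = ((r << 1) | (r >> 7)) & 0xFF
            s ^= r
        sbox[x] = s ^ 0x63
    return sbox


SBOX = _build_sbox()


def _expanded_words(key):
    """Yield words w[4..43] of the FIPS-197 AES-128 key expansion, one at a time."""
    w = [key[i:i + 4] for i in range(0, 16, 4)]
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = bytes(SBOX[b] for b in t[1:] + t[:1])        # RotWord then SubWord
            t = bytes([t[0] ^ RCON[i // 4 - 1]]) + t[1:]     # xor Rcon into byte 0
        nw = bytes(a ^ b for a, b in zip(w[i - 4], t))
        w.append(nw)
        yield nw


def expand_key(key):
    """Full 176-byte schedule: the 16-byte key followed by ten 16-byte round keys."""
    return bytes(key) + b"".join(_expanded_words(bytes(key)))


def find_aes128_keys(image, max_bad_bytes=0):
    """Return [(offset, key, bad_bytes)] for every 16-byte window whose expansion
    matches the 160 bytes that follow it, allowing up to max_bad_bytes mismatching
    bytes (decayed bits in the stored round keys). Nearly every window fails on
    its first expanded word, so the scan is cheap even with a budget."""
    hits = []
    for off in range(len(image) - 176 + 1):
        cand = bytes(image[off:off + 16])
        bad, pos = 0, off + 16
        for word in _expanded_words(cand):
            bad += sum(1 for a, b in zip(word, image[pos:pos + 4]) if a != b)
            if bad > max_bad_bytes:
                break
            pos += 4
        else:
            hits.append((off, cand, bad))
    return hits


def build_demo_image(key, at=10000, size=32768, flipped_bytes=0, seed=1):
    """Constructed stand-in for a RAM dump (example data, not a real capture):
    pseudo-random filler with one key schedule planted at `at`, optionally with
    `flipped_bytes` single-bit errors in distinct bytes of the round keys."""
    rng = random.Random(seed)
    img = bytearray(rng.getrandbits(8) for _ in range(size))
    sched = bytearray(expand_key(key))
    for i in rng.sample(range(16, 176), flipped_bytes):  # decay only in the expanded part
        sched[i] ^= 1 << rng.randrange(8)
    img[at:at + 176] = sched
    return bytes(img)


if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 sample key
    clean = build_demo_image(key)
    print(find_aes128_keys(clean))                       # exact hit at offset 10000
    decayed = build_demo_image(key, flipped_bytes=3)
    print(find_aes128_keys(decayed))                     # nothing: exact match required
    print(find_aes128_keys(decayed, max_bad_bytes=3))    # recovered with 3 bad bytes tolerated
```

Run it directly to see the three cases: an exact hit on the clean image, no hit on the decayed image when an exact match is required, and a hit with three bad bytes once a small budget is allowed. Keep the budget small relative to the 160 bytes being checked so that chance near-misses stay out. The example assumes the schedule is stored contiguously, as common software AES implementations do; recovering a key whose own 16 bytes have decayed, which the paper does by solving backwards from the surviving round-key bytes, is not shown.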
08 Feb, 2008
Regular readers of this blog know that I rarely use this space to directly promote PGP Corporation, preferring instead to focus on issues relating to public policy and individual privacy. Recently, though, I’ve started to notice a disconcerting trend in the way vendors, particularly in the security space, discuss their accomplishments. I have to admit that I’m grateful I’m not an IT executive these days trying to separate the wheat from the chaff.
- Phil
19 Dec, 2007
Back on January 2 of this year, I wrote that 2006 would be remembered as the "Year of the Data Breach," and expressed my hope that 2007 would be remembered as the "Year of Secure Data." Proving the utter folly of making predictions about the future, 2007 didn't exactly turn out that way. As 2007 draws to a close, it's clear that it was a far worse year for data breaches than 2006. In fact, we didn't even make it out of January before T.J. Maxx announced it had lost the personal information of 93 million people, making this the largest loss of personal information in history. The company disclosed last week that it expects to spend at least $500 million dealing with the breach because it now faces 19 separate lawsuits and investigations by the FTC and 37 state Attorneys General.
- Phil
28 Nov, 2007
You may have noticed the news out of Washington that the Federal Trade Commission (FTC) held a workshop a few weeks ago on the topic of "behavioral targeting" of Internet advertising. For those of you not familiar with the term, it basically involves presenting advertising based on your specific Web usage patterns.
- Phil
01 Nov, 2007
I had the privilege recently of delivering the keynote address at the 4th Annual IDC Security Forum in New York with Julie Donohue, IBM's VP of Security and Privacy Practices. Those of you who are regular readers of my blog know that I’ve been preaching the need to "Protect the Data" since we re-formed PGP Corporation 5 years ago. What I learned in listening to Julie is that the ideas we were promoting in 2002 have gone mainstream in a big way.
- Phil
11 Oct, 2007
One of the most fun parts of my job is when my friends tell me how they're using PGP products to protect their personal and professional information. Whether it's preventing their children from inadvertently altering financial records or preventing competitors from accessing new product plans, I always enjoy these stories tremendously.
- Phil
03 Aug, 2007
Last month, we initiated PGP Corporation's participation in a new program to highlight the risks associated with unsecured corporate data. We believe that data is the new corporate "currency," and we're committed to bringing products and practices into the mainstream that treat it as such. The interesting thing about this particular metaphor is that it’s quite instructive in highlighting just how far we have to go in developing standards of conduct for handling confidential information.
- Phil
29 May, 2007
This year marks the 60th anniversary of the creation of the Bulletin of the Atomic Scientists' famed Doomsday Clock. The clock was originally conceived as a way to publicize the risks associated with the unconstrained proliferation of nuclear weapons. Although it's certainly a morbid metaphor, there's no denying the Doomsday Clock has achieved its primary objective: No nation has chosen to exercise its supposed first-strike capability since the clock first appeared.
- Phil
20 Apr, 2007
Newspapers from coast to coast covered last week’s announcement by U.S. Citizenship and Immigration Services that it had received more than 150,000 applications for the 65,000 H-1B visas available this year. The more startling aspect of the announcement was that it was made the same day the program opened for the year.
- Phil
19 Mar, 2007
One of the most interesting and under-reported events at the recent RSA® Conference 2007 was the release of a paper by Bruce Schneier. Entitled "The Psychology of Security", the paper focuses not on how to make systems more secure, but on the plethora of variables that determine whether or not we feel secure as individuals. The paper is available at www.schneier.com/essay-155.html, and I encourage anyone with an interest in computer or any other kind of security to review it.
- Phil
14 Feb, 2007
As it does every winter, the information security industry gathered last week in San Francisco for the annual RSA Conference. More than 300 vendors and 15,000 security professionals focused on one thing: making companies more secure. And there was one obvious and I think very positive development this year: For the first time, there was a real focus on protecting not just the network infrastructure, but also the data that resides therein.
- Phil
12 Jan, 2007
At this time of year, the world's best professional surfers gather just south of San Francisco at a beach called "Mavericks". They gather and they pray for the giant storms to form 2,000 miles to the north in the Gulf of Alaska. When the weather and currents all cooperate, the result is some of the largest perfect waves on earth. In 1994, the leading big-wave surfer in the world caught one of these forces of nature at Mavericks and died surfing it. This is not a game for the faint of heart.
- Phil
02 Jan, 2007
One clinical definition of insanity is doing the same thing over and over while expecting a different outcome. When it comes to information security, 2006 proved this maxim. Based on the number of reported data breaches, it's clear that the classic methods of protecting confidential information aren't working as intended. From simple laptop theft to the kind of socially engineered breach experienced by ChoicePoint, the "bad guys" appear to be winning the war—and nearly all the battles.
- Phil
14 Nov, 2006
We are celebrating a number of anniversaries this quarter in the cryptography community. Today, PGP Corporation acknowledged the 15th anniversary of Phil Zimmermann's first release of PGP® encryption. As Phil noted in today's press release, back then, cryptography was considered a criminal act in some quarters, and today it's being legally mandated in many parts of the world. Yes, we have come a long way, but we still have a long way to go.
- Phil
30 Oct, 2006
Last week, we covered the myriad ways your identity can be stolen using simple offline techniques. This week, we’ll look at the slightly more sophisticated and no less criminal approaches being used by online crooks. Let me make one observation before I dive into this topic. In the computer business, we’re prone to giving things cute names to indicate they’re new or somehow important. I think we can credit Steve Jobs with starting this phenomenon when he began naming products after fruit. Just as there were apples long before there were computers, there were also offline versions of things like phishing and pharming long before there was an Internet. And make no mistake about it: All of these are crimes, regardless of what they’re called or how they’re perpetrated, and should be treated as such by both consumers and the criminal justice system.
- Phil
23 Oct, 2006
I’d like to spend the next 2 weeks discussing identity theft. Why? First, because it’s the fastest-growing crime in North America. Second, because we’re all vulnerable. If you don’t think it can happen to you, read the story of how the District Attorney of Harris County, Texas, who prosecutes dozens of identity theft cases each year, became a victim. Third, it’s relatively easy to make yourself an unappealing target for identity thieves. Although it’s nearly impossible to protect yourself completely from this pernicious crime, you can make it so hard to steal your identity (and hence your money) that most thieves will move on to an easier target. Although PGP products can help protect you in some very specific ways, that’s not why I’m writing these columns. As we’ll see, the main weapons in preventing identity theft are common sense and diligence.
- Phil
27 Sep, 2006
PGP Corporation recently commissioned a study that, among other things, measured common beliefs about encryption. I continue to be surprised by the myths and misconceptions that surround this subject. Because I'm assuming that most readers of my blog have an interest in both understanding and propagating the facts about encryption, I've summarized below some of the more common "urban myths" this research has uncovered. Most of you will recognize the following list as legacy problems associated with first-generation PKI systems.
- Phil
Phil Dunkelberger, CEO of PGP Corporation speaks at the Commonwealth Club of California - September 13, 2006.
04 Aug, 2006
Last week, I wrote about how important it was to have a comprehensive understanding of both front- and back-office threat models when you design security systems. This week, we have a classic example of what happens when you build a point security product without a broad understanding of the environment into which it will be deployed.
- Phil
26 Jul, 2006
It's been interesting watching the financial and industry analysts dissect the EMC acquisition of RSA and the announcement that Secure Computing would acquire CipherTrust. The latter deal has taken its lumps from Wall Street based on its structure (Secure Computing will assume significant debt to complete the transaction) while EMC continues to try to reassure industry analysts there is material product line synergy between the two organizations.
- Phil
30 Jun, 2006
The merger wave of 2006 hit the IT security sector yesterday with the announcement that EMC would acquire RSA Security for $2.1 billion. Although it was a notable deal in terms of the price paid, it's even more important for what it says about the way the IT industry is evolving. As Joe Tucci, EMC's CEO, stated when he announced the acquisition, this is a space that is "incredibly hot. There were other companies that noticed this." Tucci also noted that it was "a very competitive situation."
- Phil
20 Jun, 2006
It's been interesting watching the IT analyst community "rediscover" the encryption market recently. Having nearly ignored the space since the collapse of the PKI market 5 years ago, a number of analysts have started to cover the content security market again. Much of what's been written recently, however, seems to fall into the category of "a good look in the rearview mirror".
- Phil
17 Apr, 2006
Three or four times per year, I read reports about a new "breakthrough" in cryptography. Typically, these announcements are made by small companies and include assertions that the new "secret algorithm" is far more secure, faster, cheaper (pick one) than everything that's preceded it. As any good cryptographer will tell you, any algorithm that needs to be kept secret probably isn't very good crypto - and even if it is, there's no way to prove it. (This is the primary reason why we've always published PGP source code.)
- Phil
05 Apr, 2006
I suppose it's a sign of just how ubiquitous PGP encryption has become that we now have companies developing products to allow for the "recovery" of lost passwords. These types of products have been around a long time, but we are just now seeing the companies that publish them claim "PGP compatibility"...meaning you could conceivably decrypt a PGP-encrypted message with them.
- Phil
01 Mar, 2006
Occasionally, someone asks me if other vendors supporting OpenPGP isn't bad for PGP Corporation. The logic of the query typically runs along the lines of, "If I can get 'PGP' from other vendors, doesn't that limit your addressable market?" Fortunately, for us, nothing could be further from the truth. When other vendors support PGP, in most cases, it expands our total market opportunity because it ensures interoperability between PGP solutions and whatever else might already be installed.
- Phil
23 Feb, 2006
In the last few months, a number of email security vendors have announced support for OpenPGP, the encoding scheme used in all PGP products. I tend to find these announcements somewhat ironic because they typically follow years of denial by the vendor involved that support for OpenPGP is a requirement of their target customers. The widespread adoption of OpenPGP is just one more indication that it has become a de facto standard in most enterprises.
- Phil
27 Jan, 2006
I mentioned 2 weeks ago that the real threat to individual privacy in the U.S. today comes from the dual threats of identity theft and the large-scale collection and dissemination of personal financial, medical, and other information. I dealt in that piece with ways to prevent identity theft. Today, I'll deal with how to prevent the financial institutions with which you do business from sharing the details of your financial life with other firms. I consider limiting the distribution of such information to be a key step for any consumer wishing to retain some semblance of personal privacy.
- Phil
19 Jan, 2006
A recent survey by the Ponemon Institute proves just how long it can take perception to catch up to reality in fields as complex as data security. Larry Ponemon is one of the better researchers currently practicing in this space. So, when he publishes a new report, it's worth paying attention. The latest report is nicely summarized in an op-ed piece Larry wrote for Computerworld.
- Phil
04 Jan, 2006
It's been interesting watching Congress debate whether or not the President broke the law in ordering wire taps on certain phone calls by suspected terrorists. If you'd like to read two very well thought out, beautifully written, and diametrically opposed opinions on this issue, check out the lead editorials in the New York Times and Wall Street Journal on December 20th. However important this issue is, I think what's really disturbing most Americans is the realization that the era when one could expect privacy in most areas of life is over. While the debate in Washington has highlighted one of the ways in which our privacy might be infringed, I think the real threat to personal privacy does not come from the actions of government, but from businesses both legitimate and not.
- Phil
21 Nov, 2005
It was heartening to see Microsoft get on the privacy bandwagon so enthusiastically this month. As I've stated here repeatedly, it is long past time for Congress to deliver a unified privacy statute that would protect consumers and rationalize the hodgepodge of state and industry-specific privacy regulations now in effect. At a speech in Washington, D.C., earlier this month, Microsoft's Senior Vice President and General Counsel, Brad Smith, called for “comprehensive” privacy legislation at the federal level.
- Phil
02 Nov, 2005
One of the great ironies of the advent of the Information Age is that our personal information is less secure from prying eyes than ever. At no point in history has information about how you spend your time and money, where and when you seek medical care, or what causes you support been more public. The Privacy Rights Clearinghouse has documented the loss of personal information of more than 50 million people since February. Although both public and private institutions have drawn up lists of best practices to minimize the risk of losing control of personal information, it's clear there need to be changes in the regulatory environment as well. The harsh reality, however, is that the U.S. lags behind our European counterparts by more than a decade in formulating laws to protect our private financial, health care, and other records.
- Phil
11 Oct, 2005
As promised, PGP made big news yesterday. PGP Corporation and Research in Motion (RIM) announced the PGP® Support Package for BlackBerry®. Now, for the first time, companies that use the BlackBerry Enterprise Server and have installed PGP® Universal to encrypt email on the wired Internet can use that same infrastructure to encrypt email destined for wireless BlackBerry devices. Although the BlackBerry has always been a secure device, until now there has been no way to read and create PGP-encrypted email directly on the BlackBerry.
- Phil
05 Oct, 2005
There has been great excitement this week as we announced PGP's first stand-alone full disk encryption product line, PGP Whole Disk Encryption. I've been asked by a number of people if this doesn't represent a bit of a departure from PGP's traditional focus on encrypting email and file transfers. Nothing could be further from the truth. Since we began to design PGP Universal more than 3 years ago, our vision has been to leverage this new infrastructure and its administrative features to encrypt all data in motion and at rest.
- Phil
23 Sep, 2005
The big news in San Francisco this week is that Oracle OpenWorld is in town. OpenWorld is a once-a-year opportunity for Oracle's customers to hear directly from the company on its strategy and vision. One of the hot topics this year, of course, is the impact Oracle's recent acquisitions will have on the company and its customers. In his keynote on Wednesday, CEO Larry Ellison indicated Oracle might take a break from acquisitions to integrate PeopleSoft, Siebel, and the other seven companies it has acquired this year. Oracle then turned around later in the day and announced it had acquired G-Log, a provider of logistics and transportation management software. Larry also mentioned in his keynote that Oracle intends to build encryption and intrusion-prevention features directly into its product line.
- Phil
The NEW Data Wars Have Begun – Chapter 3 (17 Sep, 2008)
Bletchley Park Needs YOUR Help (10 Sep, 2008)
The NEW Data Wars Have Begun – Chapter 2 (09 Sep, 2008)
National Museum of Computing at Bletchley Park (09 Sep, 2008)
The NEW Data Wars Have Begun – Chapter 1 (07 Aug, 2008)