Thales eSecurity spins out nCipher

Hardware security module (HSM) specialist nCipher is once again a standalone business within Thales after being part of Thales eSecurity for 11 years.

The business is to be held separate from the rest of the Thales Group pending its divestiture to a third-party buyer.

The move comes as the result of Thales Group’s offer to acquire Netherlands-based digital security firm Gemalto for €4.8bn and the consequent demands of a number of antitrust agencies, including the European Commission (EC), to create a strong player in the general purpose HSM market.

The EC found that the proposed merger would lead to very high combined market shares and would eliminate the competitive constraints that Thales and Gemalto currently exercise on each other in the general purpose HSM market.

The EC also found that cloud service providers offering cloud-based HSMs do not provide a strong competitive constraint on the market today and are not expected to do so in the near future.

“As a result, by reducing the number of players in the general purpose HSM market and by lowering the merged entity’s incentives to compete effectively, the transaction as notified was likely to lead to higher prices, less choice for customers and less innovation,” the EC said.

Thales said that spinning out nCipher is aimed at preserving competition and ensuring continued innovation in the general purpose HSM market, with nCipher Security expected to take a leading role.

“Thales and Gemalto continue to work constructively with the competent antitrust authorities to obtain the remaining merger control regulatory clearances in Russia and the United States. In addition, Thales and Gemalto are seeking regulatory clearance relating to foreign investments from the competent authority in Russia,” the company said in a statement.

The newly spun out nCipher Security is to focus on delivering trust, integrity and control to business critical information and applications

By providing a “root of trust”, nCipher said its products and services are designed to enable customers to take advantage of emerging technologies while ensuring that their business critical assets are protected from breaches.

A high level of assuarance in protecting sensitive data is also increasingly important, nCipher said, to enable organisations to meet the requirements of regulations like the EU’s General Data Protection Regulation (GDPR), California’s Data Breach Notification Law and Australia’s Privacy Amendment Act 2017.

Cindy Provin, CEO of nCipher Security, said nCipher nShield HSMs are a critical component in securing today’s business critical applications as well as the journey to the cloud, new digital payment methods and the internet of things (IoT).

“With high-profile data breaches hitting the headlines daily and newly enforced legislation, organisations need to get security right,” she said.

According to Provin, nCipher customers rely on nShield HSMs to provide a root of trust for a wide variety of business applications, including public key infrastructures (PKIs), SSL/TLS encryption key protection, code signing, digital signing and blockchain.

“As growth in the internet of things creates greater demand for device IDs and certificates, nShield HSMs will continue to support critical security measures such as device authentication using digital certificates,” she said.