Time to hug a PGP employee?

Very rarely do I ever get to witness the effects of a corporate takeover first hand but the acquisition of PGP by Symantec, announced lunchtime on the last day of InfoSec 2010, was to be different.

I had been through the usual InfoSec battering of interviews, key notes and random discussions which are the hallmark of this important annual event. My antenna was starting to pick up some odd behaviour chez PGP. Stranded executives unable to attend “because of the ash” (because of the cash?) coupled with a rather bizarre discussion with another very pre-occupied executive on the Thursday morning who insisted they “only had time for a 10 minute chat” and hid their laptop from view in the public display area.

Clearly something was not right.

I was sitting on the Symantec stand an hour or so later having a chat with a senior product person when I was told the news. What was to be a pleasant discussion about Symantec turned into a bit of a navel gazing exercise as we all ruminated about the ramifications of the deal.

Symantec has had an encryption sized hole in their offering that had been papered over but never properly filled. Unlike McAfee, who realised the importance of encryption and went after Safeboot in late 2007, Symantec never really took the plunge until this week. The OEM relationship that Symantec had with GuardianEdge provided them with some data protection experience which has now been confirmed with the purchase of that company for a seemingly cheap