CNET también está disponible en español.

Ir a español

Don't show this again

Tech Industry

Security firms merge, pass VeriSign

Britain's Zergo Holdings is acquiring Ireland's Baltimore Technologies. The firms' combined revenues will create the biggest public key infrastructure company outside North America.

    With an eye on the North American market, British network-security firm Zergo Holdings is acquiring Ireland's Baltimore Technologies, creating a digital-certificate company with more revenue than VeriSign.

    Zergo will pay $50 million in stock and $5 million in cash for Baltimore, a combination that makes it the largest company outside North America selling public key infrastructure (PKI) software. Earlier this year, Zergo bought Australia's Secure Domain, another PKI firm active in the Asia-Pacific region.

    "Zergo wants to drive the consolidation of the industry, and we will look for appropriate acquisitions in the United States," said Zergo CEO Tom Larson.

    PKI systems issue and manage digital IDs that are used as online identity cards to vouch for the identity of a person or company on the Internet or a private network. PKI systems are used to verify, revoke, and renew digital certificates, which can be stored in a device's memory or on a smart card, similar to a credit card with a chip on it.

    Both companies recently established U.S. offices, and Larson promised more U.,S. acquisitions here, primarily to boost its marketing capabilities, not to buy new security technologies.

    Forrester Research analyst Ted Julian thinks they'll need the help.

    "The roadside is littered with the wreckage of non-U.S. companies trying to make headway in information technology here," he said, acknowledging that Zergo's years of experience providing security for European banks gives the company credibility in a security-conscious sector.

    "It's hard to have a foot on both continents, and this acquisition doesn't solve that problem," Julian added.

    Jim Balderston of Zona Research takes Larson at his word about more acquisitions.

    "They want to put themselves on the map," he said, noting that the PKI sector of the security market is heating up. "One strategy is to make yourself so big that you gather market share and survivability and longevity."

    VeriSign, which primarily runs an outsourcing service for companies that use digital certificates, is the best-known U.S. vendor, with $23.5 million in revenues in its most recent four quarters. Entrust Technologies, which sells PKI systems largely designed for corporate networks, not the Internet, reported revenues of $42 million in its last four quarters.

    Combined revenues of Zergo and Baltimore were about $30 million for the last four quarters. And Zergo has a distinction its U.S. rivals can't boast: it's profitable.

    GTE CyberTrust, a unit of GTE, is another major U.S. player, offering both PKI software and an outsourcing service similar to VeriSign's.

    Brian O'Higgins, Entrust's chief technology officer, sees the consolidation as natural. "What is good for the industry will be good for all companies involved in it," he said.

    Anil Pereiria, VeriSign's director of marketing, said the ideal isn't a Surprise. He noted that Baltimore has been up for sale for a time, and argued that VeriSign--with subsidiaries or affiliates in Japan, South Africa, United Kingdom, and France--has broader global coverage.

    With the acquisition, "we can execute our plan more rapidly and with more massive resources and make a serious dent in the U.S. market," said Baltimore's Paddy Holahan, executive director of marketing. "We see ourselves growing there very rapidly."

    Zergo is traded on the London Stock Exchange and has strong security consulting and systems integration offerings--a hot commodity in the U.S. market. It has about 250 employees; Baltimore has about 100.

    Larson said the software architectures of the two PKI firms are similar and the two products will be merged by mid-1999.

    In related news, GTE CyberTrust announced today that it will incorporate validation technology from Valicert into CyberTrust's offerings. Valicert's technology checks on the validity of certificates issued by other certificate authorities.