Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

U.S. Government Says Thales Must Divest HSM Business Before Acquiring Gemalto

The U.S. Department of Justice announced Thursday that it requires Thales to divest its General Purpose Hardware Security Module (GP HSM) business before it can proceed with the proposed purchase of Gemalto for $5.67 billion. This condition is in line with the requirement of other antitrust and monopolies authorities around the world.

The U.S. Department of Justice announced Thursday that it requires Thales to divest its General Purpose Hardware Security Module (GP HSM) business before it can proceed with the proposed purchase of Gemalto for $5.67 billion. This condition is in line with the requirement of other antitrust and monopolies authorities around the world.

Thales’ GP HSM production was acquired two decades ago when it purchased nCipher. It’s HSM product line has remained associated with nCipher, under the name nShield. Compliance with the DoJ requirement can be achieved by first reconstituting nCipher as a stand-alone unit, and then selling it to a third-party organization.

This process is already in progress. nCipher Security became a separate stand-alone business within Thales and held separate from the rest of the Thales Group pending its divestiture to a third-party buyer on January 7, 2019. On February 22, 2019, Entrust Datacard announced it had signed a definitive agreement to acquire nCipher Security from Thales.

This appears to be an excellent solution for all parties. There is natural synergy between Entrust’s trusted identity business and HSMs. At the same time, Thales will be able to proceed with the much bigger acquisition of Gemalto. And for the government acquisition authorities, competition is preserved.

“This structural solution fully preserves competition in the sale of these critical machines used by corporations and governmental agencies to protect their most sensitive data,” said Assistant Attorney General Makan Delrahim of the Department of Justice’s Antitrust Division. “As a result, American consumers and taxpayers will continue to benefit from competition in this industry.” 

Thales, headquartered in Paris, France, is a globally active firm concentrating on five main industries: aeronautics, space, ground transportation, defense, and security including cybersecurity. In 2017, its global revenue was approximately $19.6 billion.

Gemalto, headquartered in Amsterdam, Netherlands, is globally active in providing authentication and data protection in banking and payment; enterprise and cybersecurity; government; mobile; and the industrial internet of things. In 2017, its global revenue was approximately $3.7 billion.

Entrust Datacard, headquartered in Minneapolis, U.S., provides trusted identity and secure transaction technologies globally. Solutions range from financial cards, passports and ID cards to authentication, certificates and secure communications. The acquisition of nCipher and its HSMs will allow Entrust to offer own-brand secure storage for encryption keys as part of the expanding PKI market, typified in securing IoT devices.

Advertisement. Scroll to continue reading.

Related: Utimaco’s Acquisition of Atalla HSM Product Line Gets Regulatory Clearance 

Related: Enterprise Data Encryption Challenged by Key Management 

Related: EU Antitrust Officials Probe Thales, Gemalto Merger 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem