The PKI Guy explores data encryption with Cindy Provin of nCipher Security

Q&A with Cindy Provin, CEO, nCipher Security

TPG: There has been lots of news lately about your company being acquired by Entrust Datacard. What’s the latest with nCipher Security?

CP: nCipher Security is a separate
company within Thales. nCipher has been operating as a separate stand-alone
business within Thales since January 2019. 
We continue to provide the best Hardware Security Modules (HSM) — nShield
— in the market with the highest levels of service. Entrust Datacard signed an
agreement to acquire nCipher Security and we expect the acquisition to close in
the second quarter 2019. Entrust Datacard offers the trusted identity and
secure transaction technologies that make anytime, anywhere experiences for
consumers, citizens, and employees both reliable and secure. Its solutions
range from the physical world of financial cards, passports, and ID cards to
the digital realm of authentication, certificates, and secure communications. By
combining with Entrust Datacard, nCipher will be better able to accelerate
innovation for customers — customers embarking on initiatives related to
mobility, cloud, and the Internet of Things (IoT) who need to grow their
business while simultaneously protecting their data and managing ever-growing
cyber risks. The combination of nCipher with Entrust Datacard brings powerful
synergy between our solutions with many joint customers relying on nCipher
nShield HSMs to provide a root of trust for their critical business
applications. Jointly we are in a unique position to provide trusted security
and identity solutions and services in digital payments, card issuance, public
key infrastructure (PKI), and the IoT.

TPG: Where is cryptography headed over the next five years, 10 years? 

CP: Cryptography will
continue to be part of our everyday lives and even more so in the coming years.
Encryption is at the heart of digital transformation and that digital
transformation is changing the way we live. Think about connectivity — or IoT, electronic transactions, and online payments — they all rely on a root of trust that enables trust, integrity, and

TPG: What security vulnerabilities are enterprises most concerned about and how are you addressing them?

CP: Today’s information systems are highly integrated and automated,
and threats are growing, driving a need for enhanced protection for data at
rest, in motion, or in use. New demands created by shifting regulations and industry
mandates, distributed organizations, outsourcing, joint ventures, and
e-commerce are driving enhanced security requirements. nCipher provides a
comprehensive range of proven credentialing and key management solutions to
address these challenges. nCipher secures a wide range of diverse use cases
from device credentialing to digital payments and data security, all of which
are enabled and secured with nCipher solutions and services. nCipher HSMs
secure today’s business critical applications by providing a root of trust for
tomorrow’s technologies.

TPG: Tell us what makes your Hardware Security Modules unique.

CP: nShield HSMs provide a
hardened, tamper-resistant environment for secure cryptographic processing, key
generation and protection, encryption, and more. Available in three FIPS 140-2
certified form factors, nShield HSMs support a variety of deployment scenarios.
The nShield differentiates itself through its tight integration with Thales Security World architecture to build a unified ecosystem that delivers scale, seamless
failover, and load balancing while maintaining high performance and
versatility. nShield also uniquely offers the ability to protect proprietary
applications and data in a secure environment for enhanced security of
sensitive application through the nShield CodeSafe option. This option provides
the execution of code within the secure boundary of the nShield protecting the
application and the data. 

TPG: The latest research indicates that the Internet of Things is driving the adoption of Public Key Infrastructure. What’s your take?

CP: In a recent study that nCipher Security just completed with the Ponemon Institute, our findings clearly state that the Internet of Things is the fastest growing force affecting PKI planning. It is clear that IoT is driving the deployment of applications that use PKI. Most IoT devices are using or will use digital certificates for the identification and authentication of that device into the applications. The most important PKI capabilities for IoT are scale of managed certifications, online revocation, strong FIPS certified roots and issuing CAs, the ability to sign firmware, cloud security, and support for ECC (Elliptic-Curve Cryptography). All of these capabilities to provide trust, integrity and control to the overall environment. We will continue to see cloud applications and IoT as key to PKI.   Organizations must not only address the digital certificate needs of today but also the diversity and scale to support IoT. 

TPG: How are you addressing IoT security? Cloud security?

CP: At nCipher Security, we are working with a number of partner to
provide the ability to capture and analyze data from distributed connected
devices to optimize processes, create new revenue streams, and improve customer
service. However, the IoT also exposes organizations to new security
vulnerabilities introduced by increased network connectivity and devices that
are not secured by design. And advanced attackers have demonstrated the ability
to pivot to other systems by leveraging vulnerabilities in IoT devices. nCipher’s
nShield HSMs bring trust to the IoT with solutions for device credentialing and
authentication, firmware signing, and data confidentiality and privacy.

For cloud
security, nCipher enable organizations to utilize nShield BYOK (Bring Your Own Key)
to strengthen the security of their sensitive data in the cloud and maintain
control of the key generation, storage, and export. With nShield BYOK,
organization bring their own keys to public cloud applications, such as Amazon
Web Services (AWS), Google Cloud Platform (GCP), or Microsoft Azure. nShield high-assurance HSMs let organizations continue to
benefit from the flexibility and economy of cloud services while strengthening
the security of their key management practices and allowing them to maintain
greater control over their keys.

TPG: What are you doing to help companies stay compliant with data laws, such as GDPR?

CP: nCipher helps organizations meet industry and government compliance requirements around the world. Perhaps the most comprehensive data privacy standard to date is GDPR. GDPR affects any organization that processes the personal data of EU citizens — regardless of where the organization is headquartered. nCipher assists organization in complying with the critical Article 5, 32 and 34 rules related to the pseudonymisation and encryption of personal data and the unauthorized access to personal data. nCipher helps to meet these requirements by providing:

  • Strong data encryption and key protection
  • Database encryption key protection
  • Authorized user controls

About Mark B. Cooper aka "The PKI Guy"

President & Founder at PKI Solutions, Leading PKI Cybersecurity Subject Matter Expert, Author, Speaker, Trainer, Microsoft Certified Master.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.