U.S.-based TruSecure is merging with Betrusted to create a security company with global reach. The new company, to be called Cybertrust, hopes to respond to the expanded risks in IT of not only vulnerabilities and viruses, but also compliance with government regulations on the handling of information.
The merger agreement, which has yet to beapproved, would create “the world’s largest privately held informationsecurity company,” with 1,000 employees, 4,000 clients and US$160 million inannual revenue, according to a press release.
Security experts said the merger was a strong deal for bothTruSecure, which has struggled through many management changes in recentyears, and for Betrusted. The merger extends both the geographic and servicereach of the new company. The new company will alsoinclude Betrusted subsidiary Ubizen, a Belgian provider of filteringsoftware.
In announcing the merger, the companies said Cybertrust would fold thespecialties of each company — risk management and compliance fromTruSecure, identity management from Betrusted and intrusion detection andprevention from Ubizen.
“Combining these competencies, Cybertrust is uniquely positioned tocreate a level of trust for clients that addresses their vulnerabilityissues, evolving regulatory compliance requirements and identity managementneeds,” the companies said in a statement.
Yankee Group vice president Matthew Kovar said the merger has created a “globalsecurity management leader” capable of providing services in threats andvulnerability, compliance and identity management.
Threats and Regulations
Forrester research director Michael Rasmussen told TechNewsWorld that the newcompany reflects the growing importance of information risk management,which differs from traditional IT security.
“Information security is really starting to mature to a risk managementfunction,” Rasmussen said, referring to increased regulation on handling andholding data.
Rasmussen explained that while the increased focus on risk management hasbolstered IT security, it is also moving information security away from CIOswho are continuing to deal with “IT security, the technology-side bits andbytes.”
“It’s helping IT security, but it’s also separating IT security frominformation security and risk management in some cases,” Rasmussen said.
Cybertrust also cited increasing threats andregulations such as the Health Insurance Portability and Accountability Act(HIPPA), Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act, Basel II andEuropean Union directives on data protection.
Cybertrust said industry and governments will be spending billions ofdollars on the accessibility and security of information based on thesecurity risks and regulations from various governments.
Rasmussen agreed, adding that the merger will give the companies thelarger reach to take advantage of the growing security and risk managementmarket.
“A lot of those challenges are international challenges, not just U.S.challenges,” Rasmussen said. “This merger really helps them expand inEurope.”
Continuity and Consolidation
Rasmussen said that while TruSecure has struggled with continual managementchanges over the last few years, the company’s risk management specialtyadds a lot of strength to the Cybertrust merger.
Although the deal is only the latest in a long string of consolidation insecurity, Rasmussen said there is more to come as larger players includingSymantec, McAfee, Computer Associates and others continue to acquire smaller,”point specific” security services.
Rasmussen said IT customers generally appreciate the consolidatedservices but still piece together their own security stances usingdifferent providers based on needs.
“[Customers] like the menu that providers are offering, but they stilllike to choose a la carte,” Rasmussen said. “It doesn’t necessarily mean onevendor’s a shoe-in for any organization.”