Sectigo - Experts & Thought Leaders

Sectigo, a pioneer in digital certificates and automated Certificate Lifecycle Management (CLM), announced the purchase of Entrust’s public certificate business, marking a transformative milestone in the company’s history. This strategic move significantly expands Sectigo’s enterprise business, doubling its footprint and reinforcing its position as a pioneer in delivering trusted digital security solutions. New opportunities for Sectigo The acquisition unlocks new growth options for Sectigo to provide enhanced CLM abilities The acquisition unlocks new growth opportunities for Sectigo to provide enhanced CLM capabilities to a broader customer base while offering a clear path for businesses to prepare for the challenges of shorter certificate lifespans and postquantum cryptography (PQC). "We are excited to welcome Entrust public certificate customers and partners to the Sectigo family. We are committed to providing them with the exceptional support and service that defines our reputation," said Kevin Weiss, chief executive officer at Sectigo. Sectigo’s cloud-native CLM solutions Weiss added: "At Sectigo, we understand that automating certificate management requires focused solutions. That’s why more than 2,700 partners and hundreds of thousands of customers, from SMBs to Fortune 100 global enterprises, trust us to deliver seamless, scalable Certificate Lifecycle Management solutions in today’s rapidly evolving and increasingly complex digital environment." As the internet shifts toward greater automation, shortened certificate lifespans, and quantum cryptography readiness, Sectigo’s cloud-native CLM solutions are uniquely positioned to deliver industry-pioneering value and performance to meet each of those needs. Entrust’s public certificate customers Entrust’s public certificate clients and allies will gain a seamless transition and uninterrupted operations With a proven track record of leadership in public trust and an unwavering commitment to the highest certificate standards—bolstered by a record five chair positions within the CA/Browser Forum—Entrust’s public certificate customers and partners will gain a seamless transition and uninterrupted business operations. Further, Sectigo brings all its customers a decisive edge in quantum preparedness, empowering them to future-proof their businesses against the challenges of tomorrow. Level of service and support  “We have had a long history in the public certificate business, so it was important to us to find the right provider for our customers,” said Todd Wilkinson, president and CEO of Entrust. “Sectigo is a trusted industry pioneer with a strong track record of compliance and hundreds of thousands of customers worldwide." "We are working together to make the transition as easy as possible for our customers and are confident that their reputation as a certificate authority and commitment to delivering a high level of service and support will serve our customers well." Benefits of Sectigo’s platform Sectigo is also committed to working closely with partners to ensure seamless continuity of service This acquisition significantly broadens Sectigo’s total addressable market, reinforcing its vision of being the trusted partner for protecting the digital infrastructures of organisations worldwide.  As a highly reputable CA with a partner-friendly makeup, Sectigo is also committed to working closely with partners to ensure seamless continuity of service while helping them maximise the capabilities and benefits of Sectigo’s platform. Transformative growth opportunity for Sectigo "Certificate Lifecycle Management is an attractive, rapidly growing segment of the identity market, with enduring growth tailwinds and a forecasted market size of greater than $8 billion by 2029," said Travis Pearson, managing director at GI Partners, a private investment firm and the majority shareholder of Sectigo. "This acquisition presents a transformative growth opportunity for Sectigo, positioning the company for substantial expansion and reinforcing its leadership as one of the world’s most trusted certificate authorities."

Sectigo, a global pioneer in digital certificates and Certificate Lifecycle Management (CLM) announced SiteLock 2.0, a major upgrade to SiteLock, its website security and protection platform. SiteLock 2.0 SiteLock 2.0 is designed to simplify website protection for small to medium-sized businesses (SMBs). At the core of SiteLock 2.0 is Site Health, a new, innovative feature offering users a clear, concise, and actionable assessment of a website's overall security posture. SMBs are empowered to proactively safeguard their websites and act with confidence when it comes to website security posture.  Website security market SiteLock 2.0 reduces the complexity of understanding and managing website security, minimising the time The website security market is rapidly evolving, valued at $227M in 2023 and forecasted to reach $408M by 2030. Despite this, SMBs still face significant challenges in protecting their digital assets due to limited budgets and technical expertise. SiteLock 2.0 reduces the complexity of understanding and managing website security, minimising the time and effort required to configure and maintain security settings, and eliminating the frustration of navigating fragmented or overly technical security information.  Implement, manage, and understand website security "Website owners often struggle to get a clear, real-time understanding of their security posture across multiple tools, vulnerabilities, and potential risks," said Christopher Bray, senior vice president, of worldwide partner and eCommerce sales, at Sectigo.  "Sectigo is committed to empowering customers of all technical backgrounds to effortlessly implement, manage, and understand robust website security without sacrificing user experience. With the launch of SiteLock 2.0, we're not just updating a product; we're transforming and simplifying how SMBs manage website security in an environment that is getting more complex.”  Site Health Always live, the score changes depending on the specific products and configurations present on a site Site Health, SiteLock 2.0’s key feature, goes beyond traditional vulnerability scanning by consolidating multiple security scans and metrics to generate a single, easy-to-understand score that reflects the overall health of a site. Its sophisticated algorithm calculates a site's health score, incorporating factors such as malware detection, vulnerability scanning, SSL certificate status, and product configuration. Always live, the score changes depending on the specific products and configurations present on a site ensuring SMBs always have access to the most current security information.  Key features of SiteLock 2.0 In addition to Site Health, key features of SiteLock 2.0 include:  Reimagined Dashboard: The redesigned interface prioritises key actions, improves organisation, and delivers a more intuitive and user-friendly experience.   Prioritised Security Action Queue: A ranked list of key security tasks based on urgency makes it simple for users to resolve critical issues first.  Unified Security Scans: All core security scans are consolidated, making it easier to monitor and configure them from one central location.  Faster Setup: A streamlined setup process reduces the steps needed to secure a site, cutting deployment time by 75%.  SiteLock 2.0 is available immediately for both new and existing customers.

Sectigo®, the industry’s most innovative provider of comprehensive certificate lifecycle management (CLM) announced the newest member of its senior executive team with the appointment of Jason Scott as Chief Information Security Officer (CISO).  Jason Scott Jason Scott will oversee all aspects of cybersecurity at Sectigo including data, infrastructure, network, applications, and products. He joins the company with more than 20 years of experience including leadership roles at top global organisations such as Capgemini, Chevron, and the U.S. Army.  Scalable CLM solutions “It’s exciting to join a company that is expanding into new markets and growing as quickly as Sectigo is,” said Jason Scott, adding “The company’s mission to deliver the simplest, most secure, and most scalable CLM solutions makes cyber hygiene and a strong security posture critical to success. I am proud to be an integral part of that mission.”   Experience with U.S. Army Cyber Command His hands-on approach propelled U.S. Army cyber readiness into the forefront of cybersecurity Jason Scott served most recently as a colonel and principal architect for the U.S. Army Cyber Command, where he was responsible for integrating global defensive cyber operations to protect critical infrastructure, applications, and defence department networks. During his tenure, Jason played a pivotal role in reshaping antiquated formations into agile, resilient teams poised to defend the U.S. against evolving threats in cyberspace.  His strategic vision and hands-on approach propelled U.S. Army cyber readiness into the forefront of cybersecurity preparedness, aligning its operations with modern tactics, techniques, and procedures to protect vital infrastructure from adversaries.  Additional work experience  He also served as an executive director in Washington D.C. and cyber director in Atlanta where he drove organisational efficiency and effectiveness amid complex operational environments. His leadership acumen and dedication to mission success earned him numerous accolades that highlight his contributions to national security. Cybersecurity strategy “We are pleased to welcome Jason to the Sectigo family,” said Sectigo Chief Product and Engineering Officer, Mark Bilger, adding “Jason’s success in managing cyber threats for large enterprises and government entities with a substantial global reach will provide invaluable protection for customers and employees alike." He continues, "His expertise in cybersecurity strategy, threat protection, and risk mitigation will enhance our security posture while we enable customers around the world to become crypto-agile as they invest in emerging quantum-safe technologies.”  Sectigo’s cloud-native, CA-agnostic CLM solutions Sectigo’s cloud-native, CA-agnostic CLM solutions deliver more than 50 leading technology integrations from a single pane of glass and they all carry the full weight and trust of Sectigo’s two decades as a trusted certificate authority (CA). 

For many businesses and organisations, the term 'authentication' is synonymous with 'password' or 'multi-factor authentication (MFA)’. However, because today's business ecosystem is complex and stretches across distributed workforces with work from home, BYOD policies, and multiple cloud environments, it is very challenging to efficiently recognise and authenticate identities of people, processes, and devices throughout the enterprise using traditional methods. The problem with passwords For starters, people tend to forget passwords. To make passwords easier to remember, users may store their passwords in a vulnerable file, create passwords using a consistent pattern, or use the same password again and again. If a password is uncovered on one service or from an unprotected spreadsheet, a bad actor could use that same password to access a high-value network, maybe a corporate service or a bank account. Technical problems with password security Not only are passwords easy for today’s hackers to steal, they offer a poor user experience Not only are passwords easy for today’s hackers to steal, they offer a poor user experience and can be a burden to help desks workers. Password security also suffers from a legion of technical problems. For example, if a connected device machine has been infected with screen scraper malware, the malware can gather all visible data, including passwords, and send them back to the bad actor. Captured passwords are commonly sold and purchased in the underground economy, which can lead to a wide range of security problems. The modern way to authenticate - Public Key Infrastructure (PKI) If passwords are too easily intercepted, what is the best certificate authentication approach? The answer is Public Key Infrastructure (PKI)-based authentication, the better option, because it eliminates the password and reduces the time to authenticate. There is no stronger, easier-to-use authentication and encryption solution than the digital identity provided by PKI. Rather than secret-sharing, PKI uses certificates that do all the work behind the scenes, thereby eliminating the burden on users and the human-error accompaniment. PKI works by using an asymmetric cryptographic key pair, consisting of a private key and a public key. These keys function as a pair using incredibly complex cryptographic algorithms to protect identities and data from unauthorised access or use. Public key The public key consists of a long string of apparently random numbers and is used to encrypt a message. This encrypted message can only be decrypted by the associated private key, which is also made of a long string of numbers. This private key is a secret key and is never shared. The key pair is mathematically related, so that whatever is encrypted with a public or private key, can only be decrypted by its corresponding counterpart. Private key The private key is embedded inside the device, on which it sits - on every laptop, phone, IoT device, server and email client The private key is embedded inside the device, on which it sits - on every laptop, phone, IoT device, server and email client. Whenever possible, the private key is stored in a TPM or hardware security module, protecting it from discovery, even if the device is infected with malware or compromised by a hacker. Additionally, the private key would take decades to brute force and the result is that attack attempts fail. The connection between security and usability There is a dynamic relationship between security and usability - the more you try to up the ante on password-based security, the more difficult it becomes to use. The best security investment is one that can be easily deployed and enthusiastically used by employees. Using PKI authentication is both rock solid and seamless to end users. Digital certificates can be easily deployed to every employee device and system using automated tools. Wouldn't it be better and simpler to not have to type in passwords and instead be automatically authenticated and granted proper access? PKI takes us from the stone age of user names and passwords to a better authentication experience.