Interview with Dr. Nicko van Someren, CTO of nCipher
by Mirko Zorz - Thursday, 6 February 2003.
nCipher's CTO Dr. Nicko van Someren leads the research team and directs the technical development of nCipher products. Nicko has 20 years of experience in cryptography, software and hardware product development, and holds a doctorate and First Class degree in computer science from Trinity College, Cambridge, UK.

Introduce nCipher. When was the company started? How did it evolve?

My brother Alex and myself founded nCipher in 1996 to exploit the need for secure e-commerce transactions on the Internet. Since that time, nCipher has grown to be the leading provider of hardware-based encryption products. We are redefining cryptographic security to protect points of risk across the enterprise-from network appliances to Web servers, and custom software applications to back-end databases. nCipher provides hardware and software solutions that enable organizations to implement best practice security by addressing the challenges of cryptographic key management and performance.

What do you see as nCipher's advantages in the security market?

nCipher has always been a step ahead of the market in terms of how cryptography should be used. For years we have been stressing the importance of managing and protecting keys, and it seems the market has finally started to catch up. Companies like Cisco, Intel and F5 are all putting cryptography directly on their chips. XML appliance vendors have to use cryptographic keys in all aspects of their security. All of these technologies need key management. Without it, encryption becomes a target and creates a new point of risk. Would you put a key to your house under your doormat and feel safe at night? Probably not. Cryptographic keys are no different; they need to be protected and monitored in order to block access to what is being secured.

We offer a very unique advantage in that our products are designed to not only protect information, but also to allow customers to fundamentally change the security processes that they have in place. One of the biggest security problems facing companies is not the lack of security equipment, but rather incredibly insecure day-to-day operations. Protecting keys in hardware and allowing for a much easier management process goes a long way towards fixing those problems.

nCipher's products will continue to focus on improving the management and protection of keys, and will continue to also include the acceleration capabilities that our customer base needs as they implement processing-hungry cryptographic applications.

Security issues are the number one problem to the adoption of XML Web services. What does nCipher offer to ensure the security of XML Web services?

The challenge of deploying security to XML applications and Web Services represents a barrier to widespread adoption of these services. Providing capabilities such as privacy, authentication, authorization, integrity and non-repudiation through the use of cryptography and digital signatures has already been established as best practice security in the SSL and PKI markets. These proven security techniques have been incorporated into the XML security standards developed by the W3C. As with any use of cryptography, the management and protection of the cryptographic keys and overall performance issues are critical to the successful delivery of Web Services. nCipher is the market leader in applying hardware-based cryptography to manage and protect cryptographic security and its products are therefore ideally suited to meet the security needs of XML and Web Services today.

Your hardware security module for e-Payments payShield is dedicated to combat online fraud. Introduce its features.


Most IT pros have seen potentially embarrassing information about their colleagues

More than three-quarters of IT professionals have seen and kept secret potentially embarrassing information about their colleagues, according to new research conducted by AlienVault.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th