Sectigo (formerly Comodo CA) has acquired Icon Labs, a security company providing cross-platform solutions for embedded OEMs (Original Equipment Manufacturers) and IoT (Internet of Things) device manufacturers.
With the IoT market expected to reach more than 75 million devices by 2025, securing connected devices across an ecosystem has become a top priority for the leading Certificate Authorities. While the encrypted traffic across the web has surpassed the 80% mark, IoT devices are being left behind.
A recent SonicWall report on Cyber threats concluded that in 2018 alone, the number of attacks against IoT devices increased to a whopping 32.7 million (217 percent). Such an alarming figure, calls for enhanced protection, and engagement from security companies.
“Icon Labs has been growing and addressing this challenge by securing the device market for more than two decades. For the first time, embedded security technology is combined with device authentication and identity management to provide customers with a complete IoT security platform that solves many of the challenges presented by the rising number of threats,” said Bill Holtz, CEO, Sectigo.
Alan Grau, the founder of Icon Labs, praised the acquisition and the benefits it brings to the IoT industry.
“By joining Sectigo, Icon Labs is contributing to a powerful advancement in connected device security. We are securing IoT devices and the convergence of traditional IT systems and Operational Technology (OT); that is, the hardware and software that detects or causes changes in physical processes through direct monitoring and/or control of physical devices.”
With this acquisition, Sectigo becomes the first trusted, third-party Certificate Authority to offer end-to-end security for every connected device, form the POM (point of manufacture) and during the whole lifecycle. The graph below illustrates how Sectigo and IconLabs seamlessly integrate.
Source: Sectigo IoT Platform
Sectigo IoT Security platform and its features
- Secure Boot – Offers embedded software APIs that provide software integrity from the initial “power on” to application execution and allow developers to securely code sign boot loaders, microkernels, operating systems, application code, and data. Upon system startup, Sectigo checks the authenticity of code and data before execution and before authorizing installation or updates.
- TPM Integration – Provides certificate storage integration in Trusted Platform Module (TPM) compliant secure elements.
- Embedded Firewall – Runs with Real-Time Operating Systems (RTOS) and Linux to set up filtering rules and offers deep packet inspection for industrial protocols, including Controller Area Network (CAN bus).
- Secure Remote Updates and Alerts – Ensures security components have not been altered, offers authentication from the OEM, and issues warnings if firmware validation fails.
- On-Premise CA – Broadens Sectigo cloud-based CA to also enable an on-premise CA, providing role-based user management, high-performance delivery on-site, and remote device audits.
This high-profile transaction is a win-win situation not only for Sectigo and Icon Labs, but for the entire IoT sector. It correlates with Sectigo’s recent rebranding and the company’s expansion beyond its main SSL/TLS certificate business.