Security Fad

You might think 1980s retro is confined exclusively to the world of pop culture. One look at the outfits everybody wears on American Idol, and it's clear the kids are trying to look like some kind of apocalyptic convergence of Pat Benatar, Gary Numan and Michael Jackson. And of course the upcoming movie version of 21 Jump Street means we'll be enjoying recycled '80s-TV trash for years to come.

But the '80s nostalgia fad is also taking off in a place the trend mags never track: the computer industry. I'm not talking about the fact that Steve Jobs is "cutting-edge" again -- which is scary enough -- but about the fact that high-tech military gigs are all the rage. Back in the Reagan era, the tens of thousands of engineers who got sucked into corporations with big military contracts called it "the defense industry," but today's police state teenyboppers are calling it "the security industry." The main difference between "defense" and "security" is that the latter includes protection against nonmilitary information attacks as well as writing low-level code for missile controllers.

Today's security contractors design things like smart body armor and remote-controlled fighter planes; they develop data-mining tools for terrorist fishing expeditions that plunder profiles on Friendster for signs of insurrectionary activity. The field is so hot that at the recent security geek conference CanSec West in Vancouver, B.C., participants practically had to fight off the recruiters with rubber hoses. Meanwhile, companies you'd never associate with security (such as Macromedia) are racing to place people in positions with titles like "chief security officer" and "security developer."

The security boom has been good for longtime players in the industry too. A particularly telling example is PGP, a company founded in 1996. But the PGP story really begins in 1991, when founder Phil Zimmerman released a free software program called Pretty Good Privacy (PGP). The program created a fairly user-friendly way for people to encode their e-mails using powerful, spook-grade encryption that couldn't be broken by anyone (including spooks). Zimmerman's idea was to bring privacy to the public, but the government was worried that the quick spread of PGP to other countries via the Internet would lead to some kind of murkily defined compromise of national security. In 1993, after a three-year criminal investigation, Zimmerman was charged with violating export laws -- a case that dragged on for another three years before the government dropped it. At that point, he founded PGP Inc. to market PGP to desktop users who wanted a simple way to encode their e-mails and to create easily authenticated digital signatures.

Although security is a hot industry now, back in the early 1990s it was often the domain of renegade freedom fighters like Zimmerman, whose pioneering work made it legal to export cryptographic software to other countries.

After Zimmerman sold PGP Inc. to megacorporation Network Associates in 1997, the small company almost died. Things hit rock bottom with massive layoffs in 2002, but later that same year a new company was born out of the crashed-and-burned, crypto-to-the-people outfit. Reconsolidated as PGP Corp., the new company has a business model that reflects the changed climate around security. Rather than aiming at end users, PGP is going after corporate clients. Its flagship product is the admittedly drool-worthy PGP Universal, which promises to make it easy for companies to encrypt all their e-mail. The advertorial on the PGP Web site says PGP Universal "enables communications to travel across organizational boundaries without compromising privacy, security, or confidence." This is the sort of pseudo-tech talk that could only tantalize execs living in an era of buzzwords that revolve around keeping information "secure" against "attack."