Follow the data

Michael Vergara, director of product management at RSA Security Inc., said he warns customers that it takes time and effort to secure information on an open network using cryptographic technologies.

The challenge for federal officials is understanding the data and how it flows through an agency. "I tell people: 'I can easily secure your data, but you have to tell me which data is valuable and which data is not,' " Vergara said. "That by far is the harder problem."

To help make that easier, security experts at the National Institute of Standards and Technology are revising a draft document that, when completed, will tell federal officials when they must use encryption to ensure data privacy and use digital signatures to guarantee data integrity.

"That's going to be a biggie," said Ed Roback, chief of NIST's Computer Security Division. But until that document, Special Publication 800-53, is completed and its recommendations become requirements, he said, federal officials are on their own in determining when they need to use cryptographic technologies.

One trend security experts expect to see grow is the use of cryptographic technologies inside agency firewalls, where, according to the experts, most federal information security breaches occur.

Featured

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • Budget
    Stock photo ID: 134176955 By Richard Cavalleri

    House passes stopgap spending bill

    The current appropriations bills are set to expire on Oct. 1; the bill now goes to the Senate where it is expected to pass.

Stay Connected