Follow the data

Michael Vergara, director of product management at RSA Security Inc., said he warns customers that it takes time and effort to secure information on an open network using cryptographic technologies.

The challenge for federal officials is understanding the data and how it flows through an agency. "I tell people: 'I can easily secure your data, but you have to tell me which data is valuable and which data is not,' " Vergara said. "That by far is the harder problem."

To help make that easier, security experts at the National Institute of Standards and Technology are revising a draft document that, when completed, will tell federal officials when they must use encryption to ensure data privacy and use digital signatures to guarantee data integrity.

"That's going to be a biggie," said Ed Roback, chief of NIST's Computer Security Division. But until that document, Special Publication 800-53, is completed and its recommendations become requirements, he said, federal officials are on their own in determining when they need to use cryptographic technologies.

One trend security experts expect to see grow is the use of cryptographic technologies inside agency firewalls, where, according to the experts, most federal information security breaches occur.

Featured

  • Defense

    DOD wants prime contractors to be 'help desk' for new cybersecurity model

    The Defense Department is pushing forward with its unified cybersecurity standard for contractors and wants large companies and industry associations to show startups and smaller firms the way.

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.