Follow the data

Michael Vergara, director of product management at RSA Security Inc., said he warns customers that it takes time and effort to secure information on an open network using cryptographic technologies.

The challenge for federal officials is understanding the data and how it flows through an agency. "I tell people: 'I can easily secure your data, but you have to tell me which data is valuable and which data is not,' " Vergara said. "That by far is the harder problem."

To help make that easier, security experts at the National Institute of Standards and Technology are revising a draft document that, when completed, will tell federal officials when they must use encryption to ensure data privacy and use digital signatures to guarantee data integrity.

"That's going to be a biggie," said Ed Roback, chief of NIST's Computer Security Division. But until that document, Special Publication 800-53, is completed and its recommendations become requirements, he said, federal officials are on their own in determining when they need to use cryptographic technologies.

One trend security experts expect to see grow is the use of cryptographic technologies inside agency firewalls, where, according to the experts, most federal information security breaches occur.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected