As government agencies get back to work after summer barbeques, family vacations and once-in-a-lifetime getaways, the focus is on the priorities for the rest of 2019. Cybersecurity remains one of the top concerns and priorities for our government.
The focus on the rest of 2019 and looking ahead to 2020 was very clear when I attended two recent industry events. I spoke at both an Air Force Information Technology and Cyberpower (AFITC) training event and the 2019 Billington Cybersecurity Summit. Although one presentation was on IoT and the other was on quantum computing, they both had the same undertone and messaging. That is to say, we must take data-centric approaches to secure our data today more than ever.
The Continued Impact of IoT
With IoT, this increases the attack vector exponentially. You have now added thousands of new entry points to your network with a very difficult task of securing updates and patches to these devices. You must assume at some point your network will either be infiltrated or you will experience an insider threat. We have already seen this first-hand with a number of data breaches resulting from insider threats, and many are taking place via the cloud.
Cloud itself represents a whole additional security challenge, in that, modern day security policies governing those systems in our data centers no longer apply to the cloud and its disrupting and innovative approaches. This requires a more evolved security policy and approach that doesn’t call for native key management as a services offer from cloud providers. I would not recommend entrusting your data in the cloud without maintaining control of the encryption keys that protect that data. We need to turn to vendors such as Thales who can assist with cloud migrations from a security vantage point.
Quantum Computing is Coming-Is the Federal Government Ready?
My other presentation was a roundtable with our partner ISARA on quantum computing and security. I can say we are closer than ever to quantum. The research, funding, and innovation is happening now! In fact, the U.S. government just issued a solicitation asking for quantum computing experts to join the National Quantum Initiative Advisory Committee. Thales partnered with ISARA, and can serve as a root of trust for their quantum safe algorithms. In addition, we are expecting National Institute of Standards and Technology (NIST) to certify stateful hash-based algorithms later this year. The Defense Information Systems Agency (DISA) also released a call for submissions on quantum in May.
Although quantum is not quite here today, it will be upon us before we know it and there is no ribbon for second place. The first to a quantum computer will have the power and capability to not only improve the world but also destroy all modern day encryption as we know it today. Nothing will be safe unless we continue to invest and innovate around this.
Thales is a leader in the data security space and we will ensure crypto agility is part of our solutions for customers across the globe. Check out our website to view our full portfolio of data security products.