Stateful hash-based signature (HBS) schemes are digital signature schemes believed to be resistant to the threat posed by a cryptographically relevant quantum computer. NSA’s CNSA 2.0 encourages vendors to adopt stateful HBS schemes as defined in SP 800-208 immediately for all software and firmware code signing, with a requirement to support them by 2025. SP 800-208 requires that all stateful HBS key generation and signature algorithms b...

Registration for this event is now closed. Save the date for Cipher Summit 2024! Attendees will hear from their peers, industry pundits, and technology experts about the current federal cybersecurity landscape and learn about the solutions needed to help solve the most pressing security issues. This event will feature sessions on topics including the future of cybersecurity, cloud security, and securing AI. Cipher Summit serves as Thales TCT'...

Save the date for Cipher Summit 2023! Attendees will hear from their peers, industry pundits, and technology experts about the current federal cybersecurity landscape and learn about the solutions needed to help solve the most pressing security issues. This event will feature sessions on topics including: The Future of Network Security Cloud Security Best Practices Quantum Resistant Security Data Protection at the Edge Cipher Summit serves as...

High-performance computing (HPC) has long expanded from research labs to commercial use. Computational modeling and simulation along with high-performance data analytics using HPC systems are prevalent in industries from the design and manufacturing of aircrafts to consumer goods, life sciences, energy, and financial services. The emergence of artificial intelligence (AI) and its symbiotic relationship with HPC has augmented traditional method...

Certificate-based, multi-factor authentication is a mainstay security technique used by the U.S. Federal Government to ensure the identities of entities within a Public Key Infrastructure (PKI). For human users, multi-factor authentication is easily facilitated by using a secure smart card or USB token. But what about non-person entities (NPEs), like devices or software? These entities still must have hardware-secured credentials to meet secur...

Federal agencies require a simple way to correlate all security-relevant data so they can manage their security posture. Instead of merely watching events after they occur, agencies should anticipate their occurrence and implement measures to limit vulnerabilities in real time. For that, agencies need an analytics-driven SIEM platform such as Splunk. However, once data is correlated by SIEM tools, it becomes extremely valuable. By integrating...

High speed networks are the critical foundation that supports many of an agency's most vital communications and operations. However, this foundation is at risk of surveillance and attack by increasingly sophisticated cyber criminals and well-funded nation states. These network connections, if unprotected, are proving to be highly vulnerable, leaving sensitive assets exposed. Threats such as shared infrastructure exposure, man-in-the-middle att...

President Biden’s Executive Order (EO) has accelerated the crucial need to improve U.S. cybersecurity and move towards Zero Trust. When building a true Zero Trust Architecture (ZTA), it’s critical for agencies to understand that security solutions need to work together to provide the best line of defense. Almost every attack today requires a stolen identity or privilege to execute and initially compromise an environment or to move...

Organizations create data at unprecedented rates, all the time, in various locations including local storage, data lakes, and increasingly in public clouds. To protect data and comply with data protection and privacy requirements, you need visibility into the data you are collecting and storing to determine what data is sensitive and what is not.With complete visibility, you can easily uncover and close your gaps, make better decisions about t...

Certificate-based, multi-factor authentication is a mainstay security technique used by the U.S. Federal Government to ensure the identities of entities within a Public Key Infrastructure (PKI). Two primary components of multi-factor authentication are "what you have"--such as a securely stored private key--and "what you know", a password to unlock access to the securely-stored credentials. For human users, multi-factor authentication is easil...