Rob Roy, public sector chief technology officer at Micro Focus Government Solutions, has said information technology modernization offers agencies an opportunity to make incremental changes to address cybersecurity risks.
Roy wrote that agencies should consider alternatives to an all-or-nothing type of encryption, which could provide hackers a chance to unlock data once they secure appropriate credentials.
He said one of those alternatives is Format Preserving Encryption with Micro Focus SecureData, which has a National Institute of Standards and Technology certification for government use.
“For example, FPE can selectively encrypt data on credit card holders in a company’s database,” he noted.
“Users or administrators can view only enough data to help service the card holder’s account, which also restricts the access of hackers who might obtain a user’s credentials.”
Roy also mentioned how the 60-day cyber sprint at the Office of Personnel Management following a data breach in 2015 prompted agencies to initiate certain security measures such as implementing multifactor authentication and patching vulnerabilities.