Gina Scinta, deputy chief technology officer at Thales Trusted Cyber Technologies, said government agencies should implement proper access controls to better safeguard data from cyberthreat actors, including the use of multifactor authentication and crypto-agile platforms.
Scinta wrote that agencies should adopt multifactor authentication that depends on “some type of hardware- or software-based token for granting access to the environment and then to the data.”
“Furthermore, the White House executive order mandates the protection of data through encryption not only when it is at rest but also when it is moving to and from the network edge and beyond,” she noted.
Agencies should prepare for the post-quantum era by fielding crypto-agile platforms that back emerging quantum-resistant standards and classic cryptography to ensure data protection and know the importance of securing data at the edge, Scinta stated.
“Agencies must be able to apply the same level of security deployed in the core and the cloud to edge environments in order to adequately protect data,” she added.
She cited the quantum-resistant cryptographic algorithms that the National Institute of Standards and Technology selected and the need for agencies to assess their public key infrastructure and detect potential vulnerabilities.
Scinta also mentioned Thales TCT’s efforts to protect data in the post-quantum world, such as embedding some of those NIST-approved algorithms into the company’s encryption platforms and taking part in the Migration to Post-Quantum Cryptography Project.
