July 2017 | SafeLogic

Archive for July, 2017

18 Jul 2017

HBO’s Silicon Valley Foreshadows Possible Federal Storyline

Originally posted in its entirety at CIOstory.com.

HBO Silicon ValleyRecently, HBO’s hit series Silicon Valley made reference to the once-esoteric FIPS 140-2 validation process for encryption. In the show, the massive Hooli juggernaut is pulling out all the stops to stake claim to market share and elbow out Pied Piper, the brainchild of protagonist Richard Hendricks. Amidst the inside jokes from the Bay Area and the Easter eggs for techies and entrepreneurs, Silicon Valley does a fantastic job illustrating the dynamics between incumbent vendors and disruptive startups in real life. While it is certainly fictionalized (although who doesn’t recognize an Erlich Bachman in their life), HBO’s portrayal of the stark contrast in resources is on point. Pied Piper is a skeleton crew, while Hooli has budget and personnel to spare. So in that context, what is FIPS 140-2 and why did HBO feature it in their script?

Keep reading at CIOstory.com!

BlogFooterWalt3

13 Jul 2017

A Golden Age in Federal Technology Procurement

Originally posted in its entirety at AFCEA’s Signal Magazine.

orange-capitolThe National Institute of Standards and Technology’s (NIST) benchmark for encryption modules has seen recent innovation, opening the playing field for competition.

For years, NIST’s Federal Information Processing Standards (FIPS) 140-2 validation list read like a Who’s Who of Fortune 100 technology vendors. Only those products that leverage cryptographic modules shown on the list were eligible for federal agency deployment. Until recent changes, only the deepest pockets could absorb the costs of development, testing and expensive consultants to facilitate introducing solutions into the federal marketplace.

Soft costs for FIPS 140-2 validation efforts added up as well, with significant hours required from engineering teams. The result? A huge barrier to entry, effectively blocking any technology company outside of the elite (or rich) from participating in the lucrative federal cybersecurity market. It built a phenomenal feedback loop for those big enough to enjoy it. It was fantastic for the vendors on the inside, but terrible for agencies severely limited in their available options for deployment.

Keep reading at AFCEA’s Signal Magazine!

BlogFooterRay3