Cryptography and Encryption  for Public Sector Organizations

 

Cryptography is Ubiquitous, Critical, and Highly Regulated

  • Cryptography is everywhere. It is a key security control that enables privacy, security, and trust in our digital world

  • NIST's FIPS 140 standard dates back to 2001 and specifies extensive laboratory testing and certification for cryptography implementations sold to the US government

  • Numerous additional government security standards and frameworks, including FISMA, NIST SP 800-53, Common Criteria, DoDIN APL, FedRAMP, StateRAMP, CMMC 2.0, and CNSA 2.0, have all adopted FIPS 140 as the gold standard for cryptography compliance

  • Whether you are buying technology that uses cryptography to perform encryption, or writing custom software, you will need FIPS 140 validation.  However, getting that certification can take two or more years

FIPS Flower

 

Classical Cryptography is Under Threat from the Emergence of Quantum Computers

Quantum Computers-1

 

  • Asymmetric (public/private key) cryptography  has been used in almost every aspect of computer security for 30 years

  • Classical PKI algorithms rely on mathematical problems existing computers cannot easily solve, but emerging quantum computers will solve easily

  • Gartner predicts quantum computing will make existing systems unsafe to use cryptographically by 2029

  • Cryptographic products and services will need to be updated or replaced to use post-quantum cryptographic (PQC) algorithms to protect against this threat

  • NIST is standardizing PQC algorithms in the summer of 2024 after an extensive 5+ year evaluation process. Once standardized, they will be added to FIPS 140

The Quantum Cybersecurity Preparedness Act Mandates that OMB and Federal Agencies Begin the Transition to Post-Quantum Cryptography

  • In December 2022, President Biden signed the Quantum Cybersecurity Preparedness Act, bipartisan legislation designed to secure federal government IT systems and data against the emerging threat from quantum computers 

  • The Act requires each agency to establish and maintain an inventory of information technology it is using that is vulnerable to decryption by quantum computers

  • It also requires OMB to work with agencies to begin migration to PQC no more than one year after NIST publishes standards for PQC algorithms, now expected in Summer 2024

  • The bill applies to all federal agencies except national security systems, which are covered by the NSA’s CNSA 2.0 that also mandates migration to PQC

Quantum Cybersecurity Preparedness Act

 

SafeLogic is an Ideal Strategic Cryptography Software and Services Partner for Pubic Sector Organizations

3 Circles

 

Public Sector IT organizations face daunting requirements for next-generation cryptography: comprehensive solutions that interoperate with their entire tech stack, manageable deployability both now and in the future as the world transitions to post-quantum cryptography, and compliance with ever-changing regulatory frameworks starting with the transition to FIPS 140-3.

Trusted by many of the world's top firms, SafeLogic expedites and streamlines the adoption of FIPS 140-validated classical and post-quantum cryptography. Our holistic and interoperable cryptographic solutions save our customers time, effort, and money while ensuring their use of the strongest cryptography available.

SafeLogic Partners with Carahsoft to Bring FIPS 140 Certified Classical and Post-Quantum Cryptography Solutions to the Public Sector, Education and Healthcare

  • Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government and Education and Healthcare. As the Master Government Aggregator® for its vendor partners, Carahsoft delivers solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and Engagement, and more. Working with its reseller partners, Carahsoft's sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit Carahsoft at www.carahsoft.com.

  • SafeLogic's industry-leading cryptography software and services are now available from Carahsoft via a growing list of contract vehicles

SafeLogic and CarahSoft Partnership

 

Want to know more about how SafeLogic cryptography solutions can help your public sector organization? Speak with one of our experts!