The Next Step in FIPS 140-2 and Cryptography

Changes in Security Certifications: 

With the extension of the FED budget, companies have begun to plan and develop their 2016 FED sales objectives with an eye on the expanding $70B total addressable market.  These companies are looking for ways to stay abreast to all changes affecting spending at the national level, as well as initiatives to increase security around their products.  Similar to the updates we saw at ICCC around Common Criteria (CC), The International Cryptographic Module Conference (ICMC) in Washington DC is sure to generate more news and updates on FIPS 140-2 and cryptography.  These updates will drive decisions around FED buying and will influence, not only Government spending, but also decisions about accepted levels of product security.  The need to be at the forefront of these changes is critical and attendees will have the opportunity to witness it first hand; helping to spur innovation around a more secured FED product environment.

 Product Vendor Focus:

This is just one example of the numerous events that industry holds in order to bring together individuals and organizations from around the world that are committed to the advancement of FIPS 140-2 and the security of products. As part of the conference, Corsec’s Matt Keller will be giving a presentation on “CSfC Program and its FIPS 140-2 Requirements”.  He will explain the NSA/CSS Commercial Solutions for Classified (CSfC) program and discuss how FIPS 140-2 validation and adherence to Suite B will impact a vendor’s ability to be listed on the CSfC Components List.  All product vendors interested in achieving a CSfC listing should attend.  While the FIPS 140-2 program is focused on sensitive but unclassified government space, FIPS 140-2 validation plays a key role in the CSfC program.  Additionally, Matt will cover the particular product types that require this additional level of security assurance and the benefits of achieving this listing for products that do not have these mandatory requirements – This gives product vendors a unique opportunity to learn more and find out the changes that are affecting their space.

 Participation at these conferences is vital as we gain inside knowledge of the changes, modifications, advancements in the standard, as well as help influence them. Product vendors hoping to better understand the changes as well as influence policy must attend.

 Can’t Make the Conference?

The commitment and resources needed to attend events such as these around the globe are costly and time consuming. If you are unable to attend, connect with us to gain insights on conference outcomes and how they will affect your 2016 federal goals and product security initiatives.

 Over the past 17 years Corsec has been committed to maintaining an active leadership role in the security certifications industry. Our involvement in the Common Criteria (CC) community in particular, has allowed us to establish and sustain relationships with industry leaders, as well as play a key part in influencing the direction of the standard and its policies.