by Michael Peters

FedRAMP and Encryption

A critical component of the FedRAMP framework is its adherence to cryptographic standards, specifically the Federal Information Processing Standard (FIPS) 140-3. Data privacy is essential to compliance, and the National Institute of Standards and Technology has clearly defined the requirements for just how a FedRAMP-compliance organization encrypts its data.  This article will cover those requirements… Read More

by Michael Peters

Encryption Strategies for Controlled Unclassified Information (CUI) in Hybrid Cloud Systems

Adopting hybrid cloud systems—blending private on-premises infrastructure with public cloud services—has surged as organizations seek scalability, cost-efficiency, and flexibility. However, securing Controlled Unclassified Information (CUI) in these environments remains a critical challenge. These systems will use encryption to protect this data… but hybrid clouds introduce unique complexities due to data mobility, shared responsibility models, and… Read More

by Michael Peters

What Is Post-Quantum Cryptography and Apple’s PQ3?

The existence of quantum computers on the horizon has shaken the cryptography world, and researchers and scientists have received a massive response to build feasible Post-Quantum Cryptography (PCQ). Recently, Apple has taken an enormous step forward by announcing their own PCQ systems, PQ3, in Apple devices.  Learn more about PCQ and Apple’s announcement and the… Read More

by Michael Peters

Biometric Encryption and Protecting Personal Data

With traditional passwords becoming increasingly vulnerable to breaches, the focus has shifted towards more secure and unique identifiers – our biometric data. Biometric encryption stands at the forefront of this evolution, merging individual biological traits’ uniqueness with cryptographic techniques’ robustness.  This article will discuss how biometric encryption works, its applications, and challenges in the rapidly… Read More

by Michael Peters

What Is Advanced Encryption Standard (AES), and How Is it Related to NIST?

Our digital age is rooted in the exchange of data, and therefore security of that data. Obfuscation, or encryption, has served as the backbone of that security for decades. As threats have evolved and attackers have found new and more sophisticated ways to break encryptions, it has been up to experts to provide solutions. In… Read More

by Michael Peters

Post-Quantum Cryptography and the Quantum Computing Cybersecurity Preparedness Act

Quantum computing has long been a theoretical idea with limited practical application. The only usable quantum computers were only available to cutting-edge researchers supported by massive corporations or government-funded universities.  As time has passed, however, these researchers have begun to make massive strides in making quantum computing realizable in a way that could impact modern… Read More

by

Timeline for PCI DSS 4.0: The Fourth Requirement and In-Transit Encryption

PCI DSS 4.0 featured

As we move through the requirements of PCI DSS 4.0, we’ve reached the point where the standard specifies what it means to protect data as it moves through and outside of private and public networks.  Encryption seems like a no-brainer, but in many cases, organizations have no idea how to manage their encryption approach properly.… Read More

by

Timeline for PCI DSS 4.0: The Third Requirement and Protecting Stored Data

PCI DSS 4.0 req. 3 featured

While having only 12 requirements might make PCI DSS seem like a simple standard, each requirement is incredibly important and, if you aren’t paying attention, can specify practices you aren’t implementing. In the case of the third requirement, this could mean that you’re not actually protecting the most critical data that is in your possession–that… Read More