Industry Insights with Neville Pattinson

Cyber Security: Virtual Border Control

It seems today the virtual world is devoid of any border requirements. It is not illegal to connect to a computing resource around the globe. There are no border crossings, and special permission is not required to interact with others in the virtual world. Still, the same threat exists in the virtual world as in the physical one. There are still those who would seek to hurt the U.S. through virtual attacks and try to gain access to sensitive information or take down critical infrastructure. The solution that has been implemented... build a wall. In the virtual world, this is called a firewall and is designed to keep unwanted parties from accessing protected resources or sensitive information. As in the physical world, this is simply ineffective at stopping sophisticated attackers from bypassing this line of defense.

As the cyber threat landscape evolves, so must defenses. One can no longer function in the paradigm of building a wall around data resources. Access protection needs to extend to the individual access point. In many cases this is an individual PC protected by a user name and password. Just like the wall, this protection is simply the wrong choice for keeping cyber criminals out of sensitive areas. There needs to be a shift to a stronger form of authentication based upon a higher level of identity assurance. The federal government has mandated that this level of identity assurance be issued to all federal employees and contractors through Homeland Security Presidential Directive 12 (HSPD-12). The mandatory use of this credential for logical access has been further enforced throughout the Department of Defense. As the PIV credentials gain a high saturation level within all federal agencies, it would make sense to mandate the PIV for logical access too, thereby eliminating the username/password vulnerability altogether.

The rollout of these identity credentials within the federal government has provided a baseline from which to implement stronger multi-factor authentication methods. Practically, this means that the credential that is issued to federal employees or military personnel can also be used as the basis for accessing computer networks. This is much stronger than a user name and password combination because it requires the person attempting to gain access to use something they have (a smart card based identity credential) and something they know (a personal identification number or pass phrase) to gain access to the network.

By adding this layer of defense, protecting our cyber borders is extended down to the individual access point, significantly strengthening overall security posture. Notably, this example begins to look for ways to provide this same level of identity assurance to citizens, enabling a broader scope of border protection to our virtual world.

Neville Pattinson, CISSP CIPP, is the vice president of government affairs and business development at Austin-based Gemalto North America. He is the chairman of the Smart Card Alliance and sits on the Department of Homeland Security Data Privacy and Integrity Advisory Committee. He can be reached at Gemalto, the world leader in digital security, last year supplied more than 1.4 billion secure personal devices for mobile connectivity, identity and data protection, credit card safety, health and transportation services, e-government and national security.

About the Author

Neville Pattinson

VP of Government Affairs & Standards, NA., Gemalto

Pattinson is a leading expert on smart cards and using the microprocessor chip to keep identity credential data and biometrics secure and private. Pattinson has been heavily involved in planning and implementing a number of federal government security initiatives including the Department of Defense Common Access Card (CAC); the State Department's electronic passport; the Western Hemisphere Travel Initiative cards; the Department of Transportation's Transportation Worker Identity Credential (TWIC) and the Transportation Security Administration's Registered Traveler program. Pattinson works closely with the General Services Administration, Treasury, Homeland Security, Veterans Affairs and NASA, which all have smart ID programs underway.
