Vice President, Smart Credentials
Future-Proofing Against Cyber-Physical Threats to the Government Sector: Quantum Computing, Zero Trust and More
This session will explore trends in current and expected future cybersecurity requirements affecting security systems. In support of key federal initiatives like zero trust, digital transformation, software modernization and DevSecOps, the speed and increase of new applications and services delivered in agile and extensible cloud-hosted environments forces government security professional security professionals to transform and modernize approaches to key processes and approach to activities such as implementation, monitoring and authorization of applications and services in the cloud.
Looking ahead of the curve, President Biden’s National Security Memorandum outlines plans to address the risks posed by quantum computers to America’s cybersecurity, data, digital assets and more. In the not-too-distant future, quantum computers with a sufficient sophistication level will break much of the cryptography that currently secures our digital data and transactions, including identity management solutions. This course of events will present a new challenge of implementing quantum-safe identity credentials and protocols.
Why Federal Agencies Should Leverage ISO 18013-5 Mobile Credentials Beyond Mobile Driver’s Licenses (Co-Presented With the Secure Technology Alliance)
This session will explore why federal agencies should be interested in advancing implementation of mobile credentials. The technical model of the International Organization for Standardization (ISO) standard for mobile driver’s licenses (mDLs), ISO 18013-5, has been recognized by both public- and private-sector entities and organizations as a viable and secure foundation for mobile credentials other than mDLs. ISO 18013-5 defines a mobile document (mDoc) structure that accommodates use-case specific custom identifiers and attributes. mDoc identifiers and attributes are cryptographically authenticated by relying parties, using a suite of interoperable interfaces which can support local and remote (offline and online) validation.