Wayne Lewandowski, vice president of federal operations at Vormetric, has said the federal government should develop a cybersecurity strategy that focuses on the adoption of encryption and access controls for privileged users in order to safeguard critical data from cyber attacks.
Lewandowski wrote in a Federal News Radio commentary published Wednesday that such a strategy calls for the implementation of a “detailed discovery” approach to identify sensitive information.
“This approach, which is best done with encryption, access controls to encrypted data and then monitoring of access patterns for privileged users is the best first step to take to limit the damage from penetrations to the network and extraction of data,” Lewandowski said.
“Nothing is an absolute in security… but, encryption with access-based controls has proved effective at removing many threat vectors associated with system administrators and root access,” he added.
Lewandowski wrote computer systems across federal agencies need updates in order to facilitate integration with “modern security tools” and cybersecurity training against phishing and other cyber threats.
He also mentioned the programs under President Barack Obama’s Cybersecurity National Action Plan that include the proposed $3.1 billion fund for federal information technology system updates and the development of a national commission focused on cyber.