What Is Advanced Encryption Standard (AES), and How Is it Related to NIST?

Advanced Encryption Standard featured

Our digital age is rooted in the exchange of data, and therefore security of that data. Obfuscation, or encryption, has served as the backbone of that security for decades. As threats have evolved and attackers have found new and more sophisticated ways to break encryptions, it has been up to experts to provide solutions. In the year 2000, the solution was the Advanced Encryption Standard, or AES, which replaced aging encryption methods.


Read More

Post-Quantum Cryptography and the Quantum Computing Cybersecurity Preparedness Act

quantum computing featured

Quantum computing has long been a theoretical idea with limited practical application. The only usable quantum computers were only available to cutting-edge researchers supported by massive corporations or government-funded universities. 

As time has passed, however, these researchers have begun to make massive strides in making quantum computing realizable in a way that could impact modern technology. While these developments have been met with significant excitement… but this excitement is somewhat muted. Instead, many security experts are worried that they will fundamentally undermine the foundation of cybersecurity–encryption. 

To address this potential threat, Congress and the President have passed the Quantum Computing Cybersecurity Readiness Act, which dictates that agencies must consider adopting post-quantum encryption to maintain compliance.


Read More

Timeline for PCI DSS 4.0: The Fourth Requirement and In-Transit Encryption

PCI DSS 4.0 featured

As we move through the requirements of PCI DSS 4.0, we’ve reached the point where the standard specifies what it means to protect data as it moves through and outside of private and public networks. 

Encryption seems like a no-brainer, but in many cases, organizations have no idea how to manage their encryption approach properly. Key management, minimum strength, and application points can be challenging to juggle without understanding how it fits into the bigger picture. 

Here, we’ll discuss the fourth requirement of PCI DSS 4.0 and what it says about in-transit encryption.


Read More