Keith Ward
Keith Ward

Hacking is no longer the purview of amateur delinquents, as recent cyberattacks demonstrate. New generations of hackers are well-funded, may be legally protected, and either are funded or otherwise sanctioned by sovereign governments. These hackers are collectively known as the advanced persistent threat (APT) and are a C-level concern – especially among the aerospace and defense (A&D) communities, where mission-critical information moves across organizations and geographies, and requires the highest levels of security.

Leading A&D companies, governments and vendor partners must find ways to ensure that information can be shared securely – based on the concept of information protection for enhancement and standardization.

While the race between attackers and data owners continues, companies are increasingly embracing a defense-in-depth model, i.e., rather than focusing on perimeter security, organizations are embedding protection within the sensitive data itself. One emerging technology, information rights management (IRM), can provide a quick, thorough and relatively inexpensive capability to address the APT, and should form part of any company's overall APT threat reduction.

A combination of cryptographic technology, policy and governance constitutes a flexible and powerful identity assurance toolset to ensure that the identity of individuals seeking access to sensitive data has been confirmed to a level commensurate with the sensitivity of the data being requested.

While identity assurance focuses on the entity requesting access to an information asset, the concept of information asset protection is focusing on information labeling – the ability to mark a sensitive document in such a way that it can be systemically protected in accordance with its sensitivity and need to be restricted.