STIGs, FIPS, ZT, and API Security
Leading by Example The United States has been a…
As both a military officer and FBI Agent, I (Dean Phillips) took an oath to defend the Constitution from enemies, foreign and domestic. The Constitution provides a framework for Democracy and the rule of law; it’s imperative to our way of life. The need for robust defense against threats to our Democracy and the rule of law never changed over the course of my time in service, but the nature of the threats did.
Years ago, we focused on threats in the physical world, whether a spy, a criminal actor, or terrorist. Now, users store and access very personal information online, using the virtual realm to simplify their lives in the physical, and threats in the virtual realm are significant. Data loss isn’t just about a foreign enemy stealing information on a weapon system. It’s about sensitive information that can be used to impersonate and steal someone’s life savings, or the theft of intellectual property that will significantly benefit a competitor and harm the researcher. The asymmetric nature of the cyber threat allows individual actors to do significantly more damage than they could have done years ago when threats were isolated to the physical realm.
I am no longer on the front lines with my brothers and sisters defending Democracy. I was not in the trenches as a senior leader, but it was my duty to ensure the folks who were had the tools to do their jobs. That included protecting the tools, the data, and the operations from compromise. Operations could be blown, weapon system effectiveness could be negatively impacted or negated, and lives could be lost if our sensitive data was not protected. Information and operational security is paramount – losing the advantage to a cyber breach places our front line defenders at risk.
With the explosion of applications through the confluence of the physical and virtual worlds, the opportunities for exploitation by cyber threat actors is enormous. That’s one reason I decided to move into a cybersecurity role now – I’m too old for the trenches, but not too old to help protect the data. I’m starting with Noname Security, a rapidly growing company focused on API security. I hope to bring awareness to the issue in order to protect intellectual property from theft and businesses from losing competitive advantage, to protect the personal information of everyday citizens who stand to lose something they value, and to protect those who protect us. A secure digital environment helps keep the physical world safe for Democracy.
Stay tuned for the next post in our series – our public sector team will discuss Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity and how it relates to API security.
Experience the speed, scale, and security that only Noname can provide. You’ll never look at APIs the same way again.