Government Matters Logo
Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages
Brig. Gen. Gregory Touhill (USAF Ret.), former federal chief information security officer and president at Cyxtera Federal Group, discusses problems with current government network authentication methods, and how identity-centric strategies […]

Brig. Gen. Gregory Touhill (USAF Ret.), former federal chief information security officer and president at Cyxtera Federal Group, discusses problems with current government network authentication methods, and how identity-centric strategies may be the future of securing information.


Confirming identity is a key part of any risk management strategy. In both the public and private sectors, it’s vital to make sure that people accessing buildings, information and networks are allowed to be there. However, the standard HSPD-12 ID card used in the federal government is starting to show its age, compared to private sector access management systems. “It’s still effective against most hostile actors. However, [if] we take a look at the sophistication of nation-state actors, as well as some criminal groups, that type of elderly technology is quickly becoming aged out,” Brig. Gen. Gregory Touhill (USAF Ret.), former federal chief information security officer and president at Cyxtera Federal Group. “I like the fact that the federal government is now taking an identity-centric approach, as opposed to a network-centric approach to managing information.” Touhill says that HSPD-12 and its Department of Defense counterpart, the Common Access Card, have had security gaps for several years. The issues originate in Transmission Control Protocol and Internet Protocol (TCP/IP); The computer handshakes that form the backbone of most networks. “The way TCP/IP works is you connect first, then you authenticate, that’s how it was designed. DARPA when the Cyber Genome Project was launched back in 2004 recognized that was a problem,” Touhill told Government Matters. “As a result of the research that DARPA kickstarted, a whole new category of identity-centric approaches have emerged, because you don’t want to connect and then authenticate, you want to authenticate first.”  

Share This
Where to Watch
  • WJLA 24/7 News
    Weeknights at 8 PM and 11 PM on WJLA 24/7
  • ABC7
    Sunday Mornings at 10:30 AM on ABC7
  • AFN American Forces Network
    Worldwide on American Forces Network
Sponsored

RPA: Automating Workloads to Drive Mission Outcomes

Watch on Thursday, October 24th at 8:30 and 11:30 p.m. on WJLA 24/7 News
More
October 2019
M T W T F S S
« Sep    
 123456
78910111213
14151617181920
21222324252627
28293031  
Our Brands
  • Government Matters Logo
  • Government Matters Defense
  • Government Matters Thought Leadership Network