Everyday we rely on technology to ensure continuation of our routine day to day activities. Access to clean drinkable water, open roadways free of congestion and chaos, power\u00a0to brighten our homes and businesses, and oil and gas supplies to cook our meals.\u00a0But what happens when the system breaks down?<\/p>\n

The critical infrastructure that supports this lifestyle\u00a0utilizes products that are\u00a0developed by the private industry. This technology that maintains and protects these systems are all presumed\u00a0to be tested for secured and authorized access, uninterrupted service, and redundant operation.<\/p>\n

Some governments are now realizing that not all of these networks and products are as secure as they expected.\u00a0As seen in Germany<\/a><\/span>, officials are uncovering severe vulnerabilities that could put critical infrastructure at risk.<\/p>\n

Like any network or security system, the threat of hacking or unauthorized entry\u00a0is ever present.\u00a0In order to prevent intrusion into our nationally maintained systems, governments have implemented and mandated the use of products that have gone through rigid product hardening and security testing. This ensures that product vendors are not only creating secure products, but using third party testing to verify their claims. Similar to the products that we use in sensitive data centers and networks that secure\u00a0our national defense, it is time we demand\u00a0that critical infrastructure elevate the requirements for the products being\u00a0used and ensure the protection of our local networks.<\/p>\n

If the Federal government is mandating the use of security certifications like FIPS 140-2<\/a><\/span>, Common Criteria<\/span><\/a>, and listing on the DoD’s UC APL<\/a><\/span> for Federal purchases, why haven’t we mandated their use for the critical infrastructure that protects the roads, natural resources, and support framework for our local cities and states?<\/p>\n

The truth is, some have, and more and more purchasing agencies\u00a0are starting to ask for proof that the security products they are acquiring\u00a0are backed by the government and accredited government partners. As this practice evolves, legislature will as well, finally requiring all security products to complete strict certifications and validations.<\/p>\n

Learn more about how each security certification can protect products and the way in which we secure our digital world:<\/p>\n

FIPS 140-2<\/a><\/span><\/p>\n

Common Criteria<\/span><\/a><\/p>\n

DoD’s UC APL<\/a><\/span><\/p>\n

Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":8029,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,127,5,91,9],"tags":[83,87,39],"class_list":["post-7932","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-common-criteria","category-dodin-apl","category-fips-140-2","category-security","category-uc-apl","tag-certification-roi","tag-industry-updates","tag-security-certifications","infinite-scroll-item","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","no-featured-image-padding"],"yoast_head":"\n