Quantum computing requires new levels of cybersecurity

Federal sector expects increase in quantum activity during 2024

By Jimmy Baker and Bruce LaPine, PhD

If you’ve read any federal or state IT publications lately, then you should be familiar with the national cybersecurity concerns surrounding quantum computing. But what is the difference between classical and quantum computing, and what’s in store for federal agencies, both near-term and down the road?

The National Institute of Standards and Technology (NIST) had a deadline of November 22, 2023, for any feedback on proposed standards that could be strong enough to stand up to the threat that quantum computing poses to public sector security.

NIST is defining security standards for the age of quantum computing, along with some definitions of the language associated with the quantum world.

Technology advances create security vulnerabilities

As quantum.gov indicates, quantum-based technologies are already making seismic shifts in the private sector, and government is not far behind. Examples of quantum computing already making a difference in technology, quantum.gov states, include GPS, magnetic resonance imaging, semiconductors and lasers for telecommunications.

Because Quantum Information Science (QIS) and Quantum Information Processing systems (QIPs) are so profoundly revolutionary, their capabilities can be used by adversaries to cause detrimental effects to business, industries and the government sector.

One of the major technology areas that may be affected by the projected power and speed of quantum computing is today’s encryption. Breaking current encryption algorithms with a conventional computer takes a massive amount of compute power and time.

Quantum computing systems have the ability to perform simultaneous computations at an exponential rate when compared to the linear processes of today’s conventional computers. What would have taken many years with today’s computers can be performed in as little as hours using quantum-based systems.

Because of this extremely short compute time, quantum computing has the unfortunate effect of extinguishing any possible safety factors. Consequently, most currently encrypted transactions involving information exchange are at risk.

NIST algorithms for quantum-resistant encryption

After much research, NIST selected four algorithms that are likely to withstand quantum computer attacks. The agency is working to standardize these algorithms as a last step to enabling organizations around the world to integrate them into their encryption infrastructure.

The proposed standards include:

  • CRYSTALS-Kyber, for general encryption purposes such as creating secure websites (covered in FIPS 203).
  • CRYSTALS-Dilithium, to protect digital signatures when signing documents remotely (covered in FIPS 204).
  • SPHINCS+, another proposed algorithm for digital signatures (covered in FIPS 205).

A draft standard for FALCON, the fourth algorithm, which will also address electronic signatures, will be released in about a year, NIST says.

The proposed standards are distinct guidelines that will impact both the commercial and federal sectors. There’s much activity being planned in quantum computing in the federal sector from now through the end of 2024. By familiarizing yourself with quantum topics and the upcoming initiatives being proposed by NIST, you’ll be in better shape to position your offerings properly in the post-quantum information exchange world.

Contact an immixGroup representative about quantum computing and other trends that should be on your radar.

Jimmy Baker is public sector marketing strategist and Bruce LaPine, PhD is security architect for immixGroup, the public sector business of Arrow Electronics. immixGroup delivers mission-driven results through innovative technology solutions for public sector IT.

Visit http://www.immixGroup.com/ for more information.


What Is a Program?

If you’ve attended any of immixGroup’s briefings or webinars, you’ve probably heard us say that programs are the most important insertion points for most technology purchases within the federal government, especially for COTS products. In this blog we’ll walk through why they are important and what you should know before engaging with program offices.

But first, what is a program?

Programs, or more formally Programs of Record, are budget line items that exist to fulfill an agency’s mission. The Department of Defense’s definition is a good one and applies governmentwide: a funded effort that provides a new, improved, or continuing materiel, weapon or information system or service capability in response to an approved need. That pretty much sums up a program’s purpose, whether it’s DHS, USDA or DOD. Program managers run the program and most programs include some IT. Some programs are only IT focused.

Program Offices, Program Managers

Programs are so important because they are at the sweet spot of a department’s technology acquisition hierarchy with the program manager being senior enough to have a role in shaping the strategy and policy discussions surrounding the program’s mission. In addition, his or her office also represents the end user who will be using your product or service in the course of doing their job. Consequently, the program office has a central role in influencing the specifications and choices around the product or service.


What is a Smart City?

By Rachel Eckert, SLED consultant

Most of us who have been in and around the state, local and education space (SLED) have seen the term “smart city” more times than we can count. A simple search for “what is a smart city” returns dozens of examples, definitions and solution sheets that explain specific implementations being done under the heading of “smart city.” In a nutshell, a smart city is one that aims to improve the delivery of services to its citizens using technology.

That’s a simple definition and easy enough to understand, but, how does a city become smart? What technologies do they use to be smart? How does a vendor approach a city to make it smarter? And when you add in the typical SLED wrinkle with each city being its own fiefdom, finding a common definition and a strategy to target a smart city is understandably difficult.

Let’s dive into that definition a bit deeper. Cities provide all sorts of services to their citizens including public safety, transportation, health care and more. Each year, cities see their populations grow, thus increasing the number of people to whom they must now provide those public safety, transportation or health care services. The problem is that most cities aren’t seeing the same increase in budgets, leaving them with taxed resources and an ever-growing mission.


What is NAICS?

By Chris Wiedemann, consultant

Over the course of this series, we’ve covered a lot of the ins and outs of government contracting in the IT and COTS space.

Of course, the government buys products and services across the full range of the American economy, in addition to its role in monitoring, reporting on and regulating American industry. That led to the need for a classification system to bucket American companies based on the service or product they provide – the North American Industrial Classification System (NAICS).

NAICS codes, as they are known, are six-digit codes that categorize companies and are used by the government in different ways. For example, every solicitation that an agency releases must indicate a primary NAICS that the solicitation pertains to (and, in some cases, additional NAICS codes that might apply).


What is Exhibit 53?


As we’ve hopefully conveyed over the course of this “What is…?” series of blog posts, selling to the federal government is a complicated and involved process. It’s been compared to doing business in a different country, and in many ways, that’s an apt comparison. There are enough differences in rules, language and requirements that you can’t just bring commercial sales tactics to bear and expect to be successful.

However, there are some instances where those different rules work in our favor. For example, because the government primarily spends money that is appropriated from taxes, it’s required to show how it’s being used. Which brings us to agency IT Portfolios, formerly (and still informally) known as the Exhibit 53.


What is FBO?

By Chris Wiedemann, consultant

In my last post, I covered solicitations – where the rubber meets the road in federal procurement. As I mentioned, solicitations take different forms and come out in different ways. Most of them come out on specific contract vehicles, and in turn, most of those vehicles have specific bid boards (for example, solicitations on the SEWP GWAC are released to the SEWP website, while GSA Schedule solicitations are released to eBuy).

This has the advantage of limiting the universe of competition, which makes the buying process easier on the government. However, there are occasions when a government buyer wants to open up a solicitation to the entire industry. This is known as an “open market” solicitation – and if the value of the planned acquisition is greater than $25,000, you’ll find it listed on Federal Business Opportunities, better known as FBO.


What is a solicitation?

By Chris Wiedemann, consultant

In our last “What is…?” post, we covered one of the basics of federal contracting: the concept of a prime contractor and subcontractors, or “primes” and “subs.” However, we left a key question unanswered – how does the government actually decide which company to award prime contracts to?

As you might expect, there are a lot of moving parts involved in the awarding of government contracts, whether you’re talking about relatively simple product buys or complex, multi-layered systems development and integration work. No matter the scope, though, the competition process usually begins in one place – the solicitation.


What is a prime and a sub?

By Chris Wiedemann, consultant

So far in our “What is…?” series, we’ve covered some of the basics of selling commercial items to the federal government, and with good reason – at immixGroup, our suppliers and partners are in the commercial business, and we care about the way our customers buy our products.

However, if you dig into the numbers, you’ll see that the bulk of the federal government’s annual IT spending doesn’t go to buying standalone commercial products. Instead, the bulk of IT contracting is done for services – in other words, paying companies to do things like staff federal data centers; provide hosting and infrastructure management; or develop, engineer and manage complex solutions and mission systems.


What is a set-aside?

By Chris Wiedemann, consultant

Over the last few months, I’ve blogged on the basics of government contracting and selling to government customers – focusing on things like contract vehicles, the Federal Acquisition Regulations, the General Services Administration and federal cybersecurity requirements.

Taken together, those topics describe a basic framework for government procurement and the way industry interacts with it. They also demonstrate that public sector customers (both federal and state/local) behave differently than customers in the commercial space.

However, we haven’t yet addressed one of the most fundamental differences between public and private sector customers: The government, in addition to needing industry to help fulfill its mission, has a broad incentive to encourage economic growth across all sectors of American industry. Often, this growth means prioritizing small businesses over large corporations in contracting – and there are a set of contracting tools, known as set-asides, that enable just that.


What are FISMA and FedRAMP?

By Chris Wiedemann, consultant

Whether you’re a veteran of federal IT sales or a complete newcomer to the space, there’s one recurring theme you’ve probably noticed in the way our customers talk to industry: regardless of their mission or program, they all mention cybersecurity as a critical part of their job.

Given the sheer number of incidents and the size and scope of federal networks, not to mention the often sensitive information they contain, the focus on security makes business sense. However, as is often the case with government, there’s an extra factor to their behavior – they’re required by law to secure federal networks. One law in particular – the Federal Information Security Management Act (FISMA) – plays a critical role in determining how agencies need to secure their environments.
