For Sean Lang, chief information security officer for the Library of Congress, email security is both an internal and external matter. Secured communications between LOC and the members of Congress it services is essential. But so is the library’s ability to interact with the public in a trustworthy manner, he says.
Although the Homeland Security Binding Operational Directive to implement the DMARC email authentication standard doesn’t apply to congressional agencies, Lang says LOC is actively studying it. “This is one of the important protections that of course we’re going to roll out and we are looking at,” Lang says. But he says a challenge to implementing DMARC is that many individuals or small businesses that deal with LOC may not employ DMARC, or they use service providers that haven’t installed it.
He adds that he’s discussing DMARC implementation with other IT and security staff from agencies across Capitol Hill.
Tom Temin, Federal News Radio
Tom Temin has been the host of the Federal Drive since 2006. Tom has been reporting on and providing insight to technology markets for more than 30 years. Prior to joining Federal News Radio, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.
Sean Lang, Chief Information Security Officer, Library of Congress
Sean Lang is currently the Chief Information Security Officer for the Library of Congress. Prior to joining the Library of Congress, Mr. Lang was the Chief Information Security Officer for the Department of Homeland Security’s Science and Technology Directorate where he was tasked with assuring the information security for Department’s research labs. Mr. Lang has also held positions covering most IT security disciplines in both the private and public sectors. He has also taught courses on secure application development and testing.
Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. Optiv maintains premium partnerships with more than 350 of the leading security technology manufacturers.
Proofpoint Inc. is a leading next-generation security and compliance company that provides cloud-based solutions to protect the way people work today. Proofpoint solutions enable organizations to protect their users from advanced attacks delivered via email, social media and mobile apps, protect the information their users create from advanced attacks and compliance risks, and respond quickly when incidents occur.