Making systems as they were intended – that’s been the focus of Portland-based tech company Galois from the very beginning. For the past 15 years, the company has focused on research and development of technologies that protect networks, systems, devices and vehicles. That critical work has translated into sizable contract wins, most recently, with the award […]
Galois has been awarded a sub-contract by SRI International under a DARPA program to protect against counterfeit electronic components and associated security concerns by introducing low-cost secure authentication components in the hardware supply chain. The contract was awarded as part of DARPA’s Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program. Building upon Galois’ 15-year history developing defensive cybersecurity technologies, Galois’ effort will focus on cryptography, secure network protocols, and authentication.
Significant events tend to trigger significant reactions. In the immediate aftermath of 9/11, fingers pointed to the lack of information sharing among government agencies at every level as the root of our inability to predict the attack, which unsurprisingly led to calls for total information sharing (TIS). Then, on the heels of a string of […]
“The proliferation of mobile and IoT-connected devices has accelerated the need for user authentication that moves beyond passwords, and there is evidence that individuals increasingly view password-based authentication as ill-suited for today’s complex threat landscape.”
Portland, OR – December 07, 2015 – Galois today announced that its Jana project has been selected for the Defense Advanced Research Projects Agency (DARPA) Brandeis program – an ambitious effort to unlock the full potential of big data while protecting the privacy of data as it is shared and analyzed across the government, enterprise and […]
“[…] people who have tried to deploy authentication devices for smart homes have had a lot of trouble getting them to work, and they’re kind of expensive,” said Isaac Potoczny-Jones, computer security research lead at Galois.“Since a mobile phone can do cryptography, and because we can build beautiful and easy-to-use interfaces on mobile phones, we […]
Amid growing concerns that IoT devices are inherently vulnerable to attacks that could compromise users’ information privacy and security, Galois today announced that it has been awarded a $1.86 million NIST National Strategy for Trusted Identities in Cyberspace (NSTIC) grant to build a secure data storage system that enables next-generation IoT capabilities without sacrificing privacy. Galois’ authentication and mobile security subsidiary, Tozny, will serve as the technical lead for the NSTIC pilot program.
“In a recent 2015 cybersecurity report, AT&T charted a 458% increase in Internet of Things (IoT) vulnerability scans of devices. This is just the latest indication that hyper-growth of IoT devices, sensors and systems across business, consumer and government sectors puts users’ information privacy and security at risk.” In this Network Computing piece, Galois’ Isaac Potoczny-Jones discusses why the Internet of Things are very often vulnerable today, and what vendors can do to built IoT devices with security and privacy in mind.
NIST is also developing standards aimed at protecting consumer privacy in the Internet of Things, noted Isaac Potoczny-Jones, research lead for computer science at Galois, a company working with NIST on consumer privacy. “A lot of the Internet has this financial basis around making the user into the product, not the consumer,” he told Nextgov. “The user’s private data is really the product and that product is sold elsewhere — we see a potential for that happening on the Internet of Things.” Galois is working with NIST on a pilot in which consumers’ information, culled from smart-home services, could be integrated into a “privacy preserving data store,” Potoczny-Jones said.
Isaac Potoczny-Jones, Galois Identity Research Lead and CEO of Galois authentication spin-off Tozny, talks about the new NSTIC pilot in a recent re:ID podcast episode. Galois, a Portland-based company that focuses on cyber security primarily for the U.S. government, is the final winner of the fourth round of NSTIC pilots. Galois and its partners will build […]