My colleague, Alexander Mazuruc, attended the International Cryptographic Module Conference that took place last month in Gaithersburg, Maryland. Alex is a Senior Developer at WinMagic and has a unique “flair” for navigating the arcane world of product security certifications. He has delved deeply into Common Criteria and has been our go to person for all things FIPS for almost a decade.

The conference which Alex attended ICMC 2013 is basically a Federal Information Processing Standard (FIPS) 140 conference. FIPS 140 is a Cryptograph Module Validation Program which SecureDoc’s cryptographic engine is certified against. FIPS 140 validation is a “hard” requirement for the U.S. and Canadian governments, as well as, many security conscious organizations worldwide. The conference ran the week before the partial shutdown of the US Government and the NIST website so the timing worked out well.

Alex reports, “[The] conference was good…I learned what I expected to learn: how FIPS fits into the Government needs and the industry, how FIPS things are regulated, where they are moving to and what the hot spots are, [among] other things.”

There were approximately 100 attendees or so at the event. This was no security generalist RSA-like conference. It truly lived up to its billing:

“An Expert Community of Users Focused on The FIPS 140-2 Standard…Experts from around the world convened at ICMC 2013 to address the unique challenges faced by those who produce, use, and test cryptographic modules that conform with standards such as FIPS 140-2 and the ISO/IEC 19790 standard. The conference helped to foster a focused, organized community of users. ICMC covered the technical design problems to meet the standard, with a particular emphasis on the challenges posed as technology advances with respect to the current standards.”

So why the blog title “Almost famous?” In researching this blog on the NIST website I found Alex’s name as the contact person for many of our cryptographic module validations and I think that’s pretty neat.


Leave a Comment


Garry McCracken

About Garry McCracken /

Garry, a CISSP, has more than 30 years of experience in data communications and information security. He has contributed to the development of WinMagic's full-disk encryption solutions for desktops, laptops, and other mobile devices. When he is not saving the world of data encryption, he takes off his cape to relax and enjoy life at the cottage. Garry writes from a position of technical expertise since we first started SecureSpeak, making him the longest running blogger at WinMagic.
Garry McCracken