Former GSAer Spencer joins CertiPath

Monday - 1/31/2011, 2:36pm EST

By Jason Miller
Executive Editor
Federal News Radio

Judy Spencer, who led several of the government's efforts around public key infrastructure and identity management, retired from government after 36 years.

Spencer's last day at the General Services Administration was Dec. 30. On Monday, CertiPath announced Spencer joined the company as the policy management authority chairwoman. The company said in a release that Spencer will set and maintain policies, and drive consensus on a wide range of security issues affecting the CertiPath community.

On the company's website, CertiPath said it provides externally portable organization and individual identity assurance by certifying that an organization's credentials - and those of your employees - meet globally accepted standards. CertiPath maps agency policy to the CertiPath policy to ensure adherence to these standards, essentially giving a company a "seal of approval" that you can be trusted.

During her career in government, Spencer began her federal service repairing cryptographic equipment before moving to public key technology and identity management 12 years ago.

Most recently, she was worked to align various agencies and organizations around unified logical and physical credentialing of federal employees as directed in Homeland Security Presidential Directive-12. She also has been the chairwoman of the federal PKI Policy Authority where she promoted interoperability of high assurance credentials.

"PIV-I represents a major breakthrough in identity management and access control," said Spencer in a release. "I've seen the value of a strong identity credential from inside Washington, now I look forward to working with CertiPath to gain the same level of success for PIV-I."

CertiPath recently announced it was cross-certified to the U.S. Federal Bridge for Personal Identification Verification-Interoperability (PIV-I) level of assurance. PIV-I credentials, which let non-Executive Branch federal employees and others to obtain a credential based on the same standards as the federally issued credentials are expected to grow exponentially in the coming year.

As the lead of the Federal Bridge Certification Authority (FBCA), Spencer helped promote interoperability between discrete trust domains. The FBCA opened for business on June 18, 2001 and is currently working with various federal agencies and several non federal entities to effect both technical and policy interoperability.

Prior to her last position, Spencer managed the Federal Information Security Infrastructure Program, which sought information systems security solutions for internet-based communications using public key technology. This office was responsible for developing the ACES Program.

In addition, Spencer was involved in the efforts of the federal sector to promote Critical Infrastructure Protection across the departments and agencies. Toward this end, Spencer led the transition of the Federal Computer Incident Response Capability (FedCIRC) from a pilot to operational status and worked with agencies to build consensus for intrusion detection and incident response to unauthorized electronic exploitation.

(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)