Facing The Quantum Challenge

Uploaded on 2024-04-29 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY-Key Areas-Quantum Computing

The digital world we rely on stands at the precipice of a major challenge: quantum computers. These powerful machines, still young but rapidly maturing, have the potential to shatter the foundation of our encryption, jeopardising the security of online transactions, communications, and data.

Algorithms like RSA and ECC, currently safeguarding our digital landscape, will become vulnerable to quantum attacks at an alarming rate.

Experts worldwide acknowledge the urgency to prepare. Standard bodies, academics and industry players are working diligently to develop solutions, and the race is on to find and implement quantum resistant encryption methods.

PQC: The Quantum Shield

Post-quantum cryptography (PQC) acts as a beacon of hope, representing a paradigm shift in encryption. Leading the charge has been the United States National Institute of Standards and Technology (NIST), who are strongly advocating for the development and standardisation of PQC algorithms.

Unlike traditional methods, PQC leverages entirely different mathematical principles, making it resistant to the unique capabilities of quantum computers. Think of it as building a new and stronger fortress to protect our digital assets in the face of powerful new capabilities in computing.

Quantum Readiness Needs To Be A boardroom Discussion

The risk is real and requires action now - an example of a current risk is the 'harvest now and decrypt later’ problem. This approach involves adversaries collecting encrypted data today with the intent to decrypt it later using quantum computers.  Every enterprise has encrypted transactions, intellectual property and digitally signed contracts that will be at risk in the future.

Taking accountability for this risk is the responsibility of the C-suite and mitigating this risk sooner rather than later is best driven top-down.

Boardrooms need to recognise this reality and actively engage in these discussions around quantum readiness. Frankly, if a business is not already preparing for quantum, it’s likely that they could be too late already - this is the severity of the threat which many don’t realise. Proactive leadership is required to understand the broader implications of quantum computing and recognises the urgent need to invest in future-proof solutions like PQC.

Big Tech Is Taking A Step In The Right Direction

Recent news shows that Apple is paving the way for other businesses as they have upgraded iMessage to withstand decryption by quantum computers. This implementation of quantum-safe algorithms by a major player like Apple suggests that even industry giants are acknowledging the very real possibility of quantum hacking. 

This development could serve as a potential catalyst, encouraging other tech giants and companies to follow suit. As the industry grapples with the implications of quantum computing, Apple's initiative sets a strong precedent, paving the way for a collective effort towards securing the digital future.  

The Secret Weapon: Crypto-agility

The key to navigating this new landscape lies in crypto-agility, the ability to adapt encryption mechanisms to evolving threats. PQC is a crucial step for this, which requires taking inventory of your cryptographic assets and migrating all digital certificates to new PQC-enabled versions.
 
Although this may sound like a gruelling task, it doesn’t have to be. Think of it like swapping out the lock mechanism on a door, instead of replacing the entire door frame. There is also opportunity for phased rollout, where critical systems and data can be prioritised for PQC adoption first, followed by less sensitive areas. This means businesses can leverage their existing infrastructure while adopting new, secure algorithms. 

Building Secure Futures: A Proactive Approach 

As a society, we are more interconnected than ever with new IOT devices, services and applications constantly being built and developed. That’s why moving forward, creating new systems with quantum safe PKI and PQC in mind from the very beginning is vital. This proactive approach ensures long-term security against future quantum threats, especially for devices with extended lifespans.

The potential of quantum computing is undeniable, but so is the threat it poses to our digital security.

Businesses who collectively embrace PQC as imperative are the key to navigating the quantum era with confidence. By working together, it’ll be possible to unlock the benefits of this powerful technology while safeguarding our digital world for generations to come.

Jason Soroko is SVP of Product Management at Sectigo

Image: Shubham Dhage

You Might Also Read: 

CISA's Post-Quantum Cryptography Initiative:

DIRECTORY OF SUPPLIERS - Post-Quantum Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Creating Successful Cybersecurity Solutions
AWS & Google Agree To Drop Cloud Service Exit Fees »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Montash

Montash

Montash is an award winning, global technology recruitment business, specialising in the acquisitions of high-performing talent across a number of core disciplines including Information Security.

CSIRT.CZ

CSIRT.CZ

CSIRT.CZ is the National Computer Security Incident Response Team of the Czech Republic.

GovCERT.HK

GovCERT.HK

GovCERT.HK is the Government Computer Emergency Response Team for Hong Kong.

Nohau

Nohau

Nohau provide services for safe and secure embedded software development.

Zeneth Technology Partners

Zeneth Technology Partners

Zeneth is a consulting firm providing information technology and cybersecurity services to federal and commercial clients.

Torsion Information Security

Torsion Information Security

Torsion is an innovative information security and compliance engine, which runs either in the cloud or your data centre.

FinlayJames

FinlayJames

FinlayJames supports cyber security companies to meet the increasing demand and pressure on them by finding top talent within the industry for their sales, marketing and technical teams.

Cyber Security Malta

Cyber Security Malta

Cyber Security Malta is part of Malta's National Cyber Security Strategy which aims to combat cybercrime, strengthen national cyber defence and provide cyber security awareness and education.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

ReachOut Technology

ReachOut Technology

ReachOut is a transformative approach to IT Security, Support, and Guidance. But we’re more than that. We’re passionate IT experts driven to make solutions to your problems.

vpnMentor

vpnMentor

We started vpnMentor to offer users a really honest, committed and helpful tool when navigating VPNs and web privacy.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.

SecureLake

SecureLake

SecureLake (formerly Managni) is one of the most trusted US-based IT security and infrastructure companies.

Cyberverse Foundation

Cyberverse Foundation

Cyberverse Foundation is an organization dedicated to building a robust cybersecurity ecosystem in India.