Facing The Quantum Challenge

The digital world we rely on stands at the precipice of a major challenge: quantum computers. These powerful machines, still young but rapidly maturing, have the potential to shatter the foundation of our encryption, jeopardising the security of online transactions, communications, and data.

Algorithms like RSA and ECC, currently safeguarding our digital landscape, will become vulnerable to quantum attacks at an alarming rate.

Experts worldwide acknowledge the urgency to prepare. Standard bodies, academics and industry players are working diligently to develop solutions, and the race is on to find and implement quantum resistant encryption methods.

PQC: The Quantum Shield

Post-quantum cryptography (PQC) acts as a beacon of hope, representing a paradigm shift in encryption. Leading the charge has been the United States National Institute of Standards and Technology (NIST), who are strongly advocating for the development and standardisation of PQC algorithms.

Unlike traditional methods, PQC leverages entirely different mathematical principles, making it resistant to the unique capabilities of quantum computers. Think of it as building a new and stronger fortress to protect our digital assets in the face of powerful new capabilities in computing.

Quantum Readiness Needs To Be A boardroom Discussion

The risk is real and requires action now - an example of a current risk is the 'harvest now and decrypt later’ problem. This approach involves adversaries collecting encrypted data today with the intent to decrypt it later using quantum computers.  Every enterprise has encrypted transactions, intellectual property and digitally signed contracts that will be at risk in the future.

Taking accountability for this risk is the responsibility of the C-suite and mitigating this risk sooner rather than later is best driven top-down.

Boardrooms need to recognise this reality and actively engage in these discussions around quantum readiness. Frankly, if a business is not already preparing for quantum, it’s likely that they could be too late already - this is the severity of the threat which many don’t realise. Proactive leadership is required to understand the broader implications of quantum computing and recognises the urgent need to invest in future-proof solutions like PQC.

Big Tech Is Taking A Step In The Right Direction

Recent news shows that Apple is paving the way for other businesses as they have upgraded iMessage to withstand decryption by quantum computers. This implementation of quantum-safe algorithms by a major player like Apple suggests that even industry giants are acknowledging the very real possibility of quantum hacking. 

This development could serve as a potential catalyst, encouraging other tech giants and companies to follow suit. As the industry grapples with the implications of quantum computing, Apple's initiative sets a strong precedent, paving the way for a collective effort towards securing the digital future.  

The Secret Weapon: Crypto-agility

The key to navigating this new landscape lies in crypto-agility, the ability to adapt encryption mechanisms to evolving threats. PQC is a crucial step for this, which requires taking inventory of your cryptographic assets and migrating all digital certificates to new PQC-enabled versions.
 
Although this may sound like a gruelling task, it doesn’t have to be. Think of it like swapping out the lock mechanism on a door, instead of replacing the entire door frame. There is also opportunity for phased rollout, where critical systems and data can be prioritised for PQC adoption first, followed by less sensitive areas. This means businesses can leverage their existing infrastructure while adopting new, secure algorithms. 

Building Secure Futures: A Proactive Approach 

As a society, we are more interconnected than ever with new IOT devices, services and applications constantly being built and developed. That’s why moving forward, creating new systems with quantum safe PKI and PQC in mind from the very beginning is vital. This proactive approach ensures long-term security against future quantum threats, especially for devices with extended lifespans.

The potential of quantum computing is undeniable, but so is the threat it poses to our digital security.

Businesses who collectively embrace PQC as imperative are the key to navigating the quantum era with confidence. By working together, it’ll be possible to unlock the benefits of this powerful technology while safeguarding our digital world for generations to come.

Jason Soroko is SVP of Product Management at Sectigo

Image: Shubham Dhage

You Might Also Read: 

CISA's Post-Quantum Cryptography Initiative:

DIRECTORY OF SUPPLIERS - Post-Quantum Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Creating Successful Cybersecurity Solutions
AWS & Google Agree To Drop Cloud Service Exit Fees »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

ESET

ESET

ESET provide security software for enterprises and consumers - Antivirus Software, Internet Security and Virus Protection.

CERTuy

CERTuy

CERTuy is the national Computer Emergency Response Team for Uruguay.

AppSec Labs

AppSec Labs

AppSec Labs specialise in application security. Our mission is to raise awareness in the software development world to the importance of integrating software security across the development lifecycle.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

Capula

Capula

Capula is a leading system integration specialist for control, automation and operational IT systems across all applications and industry sectors.

Pluribus One

Pluribus One

Pluribus One develops customized solutions and other data-driven applications to secure your business and your devices.

Yogosha

Yogosha

Yogosha is a crowdsourced cybersecurity platform enabling a win-win collaboration with the most talented hackers to detect and fix vulnerabilities on your most critical systems.

Ipstack

Ipstack

Ipstack offers one of the leading IP to geolocation APIs and global IP database services worldwide. Protect your site and web application by detecting proxies, crawlers or tor users at first glance.

One82

One82

Serving emerging small and medium-sized businesses in California and neighboring regions for over 20 years, One82 has established itself as the most dependable provider of IT support services.

Gilsbar

Gilsbar

For more than half a century, Gilsbar has offered insurance service solutions and support for businesses and their employees.

EPAM Systems

EPAM Systems

Since 1993, EPAM Systems has leveraged its advanced software engineering heritage to become a leading global digital transformation services provider.

BTQ Technologies

BTQ Technologies

BTQ is a global quantum technology company focused on securing mission critical networks.

Argenta Talent Acquisition

Argenta Talent Acquisition

Argenta Talent Acquisition is a recruitment partner specializing in Space and Defense, Intelligence Community, all things Technical, Cyber, and Logistics.

NetAlly

NetAlly

NetAlly network test solutions help engineers and technicians better deploy, manage, maintain, and secure today’s complex wired and wireless networks.