Break the Crypto Monoculture, Don’t Fall Victim to It

The world is an uncertain place with no guarantees. In enterprise technology circles, the one exception is the need to be agile and resilient. Cybersecurity pros know to expect the unexpected when navigating the always evolving threat landscape. Unpredictability and outside forces are always in play. War in Ukraine, a pandemic that we can’t seem to shake, rising inflation, and the unpredictability of human behavior are all factors that help inform and shape cybersecurity defenses. 

As the global digital economy prepares for the greatest cryptographic transition in the history of computing, replacing legacy encryption with post-quantum cryptographic (PQC) algorithms, humans will play a major role in its success and its failings. Encryption fails all the time, and it’s not because of advanced computers or mathematics. Programmer error is usually to blame.

Redundancy Builds Resiliency
Resiliency as a character trait is praised and revered. A resilient person is one not deterred by setbacks or unexpected consequences. Resiliency is no different in cybersecurity. It’s the ability to keep operating under degraded conditions. 

Infrastructure leaders follow this ethos and look to redundancy and policy to combat unreliability throughout the hardware stack. They build RAID arrays, use redundant power with generator backups, and maintain multiple data centers to create redundancy zones for quick recovery. Redundancy as a strategy for resiliency under failure conditions is common practice, well understood, with solid results. Simply put – it works.

The Single Source of Failure Dilemma
For hardware, we solve for potential failings through redundancy and policy. But for software… nothing.  

Software is the biggest monoculture in the computing world today and monocultures are susceptible to single points of failure – like how the entire human population is prone to the common cold. Organizations utilize one operating system, one database platform, one accounting software, etc. This generally means that entire businesses are vulnerable to single attack vectors. 

Software and software supply chain risks are well-known and well-understood. An all-too-often overlooked issue is cryptography. The digital infrastructure we know today is protected by a single cryptographic family with just a few implementations, making public key encryption (PKE) a crypto monoculture susceptible to single points of failure, with the human factor contributing to many. Poor programming skills, implementation errors, leaked certificates, bad passwords, lack of key rotation, software bugs, etc., all contribute to cryptographic weaknesses ready for exploitation by bad actors. This is true today and will be true in the quantum future.

When an organization relies on singular methods, e.g., crypto algorithms and certificate chains, to secure the entire enterprise, it means a single point of failure may take down all operations. Where is the policy that enforces minimum standards on cryptographic algorithms, key rotation, location, and storage duration? No standard exists.

Crypto-Agility is Not a Foolproof Crypto Policy
As the quantum threat nears, the need to rethink crypto management grows. The industry has landed on crypto-agility as the countermeasure catchall. The ability to make major changes to cryptography algorithms and libraries in a controlled and flexible manner is good and necessary, but not nearly enough, and here’s why.

Crypto-agility is reactive. The swift changing or swapping of encryption algorithms happens only after a breach occurs or a vulnerability is found. It leaves organizations susceptible to that pesky crypto monoculture and the single points of failure discussed earlier. Instead, crypto-agility should be deployed alongside crypto-diversification, or the stacking, mixing, and switching of current and post-quantum encryption technologies with no network downtime or interruptions. Crypto-diversification is proactive: it looks to history and assumes all math-based encryption will eventually weaken, or outright fail, over time.

Policy-Driven Enterprise Crypto Management
The not-so-distant future will require organizations to treat their cryptographic strategy much like unreliable hardware stacks: redundancies at every level and an ability to apply policy through software quickly and decisively. 

Today we have key management systems that help deploy and manage certificate strategy. Soon, and perhaps faster than you may think, organizations will need a crypto-algorithm strategy and a platform to implement it. A crypto policy management platform will ensure enterprise policy evolves in lockstep with the shifting threat landscape and as business requirements change. It should be resilient, crypto-diverse, and purpose-built, introducing redundancies throughout the cryptographic stack, including algorithms, their implementations, and key delivery techniques. And best yet, it will remove the single points of failure common to modern-day encryption practices.

It’s time to break the crypto monoculture. Don’t fall victim to it. Deploy an enterprise crypto management policy today. 
