It’s been a busy month for the promoting and advancement of Quantum Information Sciences in the U.S. The White House released two executive orders regarding quantum technology. The first establishes a new Quantum Advisory Committee to oversee the next stage in the National Quantum Initiative passed in 2018. The second, National Security Memorandum 10 (NSM-10), follows the January memorandum (NSM-8). It sets a series of deadlines for government agencies to get their information systems ready for the day when the quantum computer threat will be real—aggressively working against a 2035 deadline for all U.S. government systems to have fully migrated to quantum-resistant encryption. And rumor has it that NIST will announce its final Post-Quantum Cryptographic (PQC) algorithms any day.
There’s no denying, real momentum is happening around quantum technologies and quantum preparedness. Federal mandates tend to trickle down to the state level, before eventually landing at the doorsteps of regulated industries.
State governments play a significant role in society, administering and delivering services and providing the backbone of governance for the country. Data protection and secure communications is critical to enabling state and local government’s delivery of services to the citizenry who depend on them. To fully leverage data as a strategic asset; to do its part to protect high-value national security targets and critical infrastructure; and provide the protection and security that citizens and businesses deserve; state government systems need to be refreshed, architected, or replaced to address current and emerging threats – including quantum computing.
To help lay the foundation for strong, effective state cybersecurity policy most security experts encourage state governments to adopt and implement federal frameworks, such as NIST’s Cybersecurity Framework and the upcoming NIST-backed PQCs and implementation guidelines.
Quantum Xchange’s CTO Shahryar Shaghaghi will deliver the talk, “Demystifying Quantum Computing” at New York State’s 24th Cybersecurity Conference in Albany, NY June 7-8, 2022.
The two-day event features prominent industry experts presenting the latest innovations in cybersecurity and sessions on leading-edge topics and issues. The educational talk is intended to provide a high-level overview of quantum computing, the looming quantum threat, and what NYS security stakeholders should be doing now to prepare for the next era of computing risk.
In addition to the Quantum Risk Assessment process and steps to be taken, attendees will also learn about current cryptographic risks that penetrate their systems every day – that they may not fully be aware of or prepared for. This includes harvesting and man-in-the middle attacks, where bad actors steal and stockpile persistent data to decrypt later when quantum machines arrive, as well as the leading cause of data breaches – the human factor.
Poor crypto implementations; bad programming; a lack of general skills, training, or knowledge; incorrect use of libraries; weak passwords; software bugs, etc. These are the factors that lead to encryption weaknesses and create vulnerabilities ready for exploitation today and in the future. State cybersecurity pros must consider these “now” factors in their current and future planning efforts in order to properly introduce and implement post-quantum security measures.