New Year’s resolutions are lodged in our collective psyche as a step toward a better year. It’s a time for our tired habits and routines to be scrutinized, and annual vows resurrected.
If you’re a cybersecurity professional, especially those responsible for the security of long-duration data, we encourage you to get quantum fit in 2021. What does that mean exactly? It’s time to build your quantum literacy muscle, set an organizational plan for quantum readiness, and take action.
The power of quantum computers creates an unprecedented threat to the security of our data with its potential to break the encryption on which most enterprises, digital infrastructures, and economies rely. The World Economic Forum warns, “there is a major gap in both awareness of and information about the potential applications, risks and security solutions associated with quantum technology. For leaders charged with ensuring the security and integrity of the systems on which businesses rely, there is still hyperbole in the quantum security debate. The community can change this by building quantum literacy at the board and CEO level.”
The 2020 global pandemic has spurred companies to start or accelerate digital transformation projects, which most significantly means moving more systems to the cloud. This too requires a rethinking of security strategy and infrastructure. Any organization deploying a network infrastructure today should ensure it is quantum-safe or risk its premature obsolescence.
Other immediate factors to consider when evaluating security priorities for 2021.
- Current PKE systems, i.e., TLS/SSL and key management practices are rife with vulnerabilities putting today’s data and communications networks at risk. With PKE, the encryption keys and data travel together. An attacker needs only to compromise one connection to obtain secret information.
- History shows cryptographic transitions can take years to complete which is why The National Institute for Standards and Technology (NIST) put forth recommendations in 2016 encouraging all organizations to begin preparing then for the quantum cryptographic break.
- Any encrypted data that has been intercepted or stored will be vulnerable to decryption in the quantum era. This means a quantum computing system of sufficient power will be able to decrypt stored data with ease, an attack known as “harvest today, decrypt tomorrow.”
How do you promote quantum literacy within your business to ensure that executive teams understand the severity and immediacy of the quantum security threat, while prioritizing it above other competing threats in terms of resource allocation – both attention and investment?
No one wants to wait for a quantum attack to occur before they take action. Industry pundit and Cryptography Apocalypse book author Roger Grimes predicts 2021 will “likely see the first public acknowledgment of the quantum crypto break, where quantum computers are capable of breaking traditional public key crypto.” Eek!
To get quantum fit in 2021, mitigate the go-forward risks of a quantum-crypto assault, and better protect your organization from an increasingly connect world, we recommend the following steps:
- Complete the two-minute quiz to determine your baseline understanding of the quantum threat and its potential impact on your organization.
- Read the suggested materials provided post assessment to fill any knowledge gaps and help you improve your overall quantum literacy and develop a go-forward quantum-risk mitigation plan.
- As part of this plan, take inventory of your data. Conduct a data protection audit and quantum-risk assessment.
- Modernize your outdated security systems by building a dynamic quantum infrastructure that can easily keep pace with change.
- Embrace cryptographic lifecycle management by practicing crypto agility and deploying defense-in-depth countermeasures – a mix of classic and quantum-safe crypto.
- Combine today’s proven and certified i.e., FIPS, cryptography with tomorrow’s quantum-safe crypto by implementing candidate PQC algorithms and/or a FIPS 140-2 certified, quantum-safe key distribution system like Phio TX.
- Protect critical, long-duration data with quantum keys to avoid harvesting attacks.
- Understand the quantum-crypto strategy of your partners to ensure they too are quantum fit in 2021
- Don’t wait – get started today!
No matter which path you choose, or when you begin your journey toward quantum fitness, Quantum Xchange is here to be your trusted partner for protecting data-in-motion now and in the quantum future. In addition to our award-winning products and services, check out our robust library of materials to get you up-to-speed on quantum-enhanced security approaches, best practices, and recommended next steps.