It’s Time to Implement New Tools to Counter Quantum Hacking
Right now, the US Department of Commerce wants businesses to transition to the new encryption tools it has designed to withstand cyberattacks from quantum computers. ? ?
The So What?
As the power of quantum computers advances, they will have the compute power to quickly decode the current encryption methods that keep 98% of electronic data safe.? ?
There is a 50:50 chance of quantum computers being able to do this by 2031, according to BCG analysis in conjunction with the Institute for Quantum Computing.? ?
And although this is a future threat, hackers could be downloading data now to decrypt it later.
“The risk is real and the risk is now, and that’s why these new tools have been launched preemptively,” explains BCG’s Managing Director and Partner Matt Langione, an expert in quantum computing.
Quantum computing has the potential to drive huge progress in areas such as drug discovery, optimization of logistics networks, machine learning to detect fraud, and securing government data. And BCG estimates that it will create value totaling $450–$850 billion by the time the technology matures.
Despite this huge potential, quantum computers also threaten two types of encrypted data:??
Given the risk of data at rest being downloaded now to decrypt later, the US?Department of Commerce’s National Institute of Standards and Technology (NIST) is encouraging computer system administrators to begin transitioning to the new standards it has designed as soon as possible.
NIST has spent eight years working with the private sector and academics around the world to develop the new tools or cryptographic algorithms.??
“These new algorithms are an important milestone because NIST typically sets the standard for common adoption,” Langione says.
Now What? ?
In the past, cryptographic upgrades have taken about 20 years, although 7–10 years is considered an optimistic minimum today.? And even NIST suggests that the transition may well be expensive and disruptive, albeit highly effective.?
Here are some initial steps for companies to take:? ?
Inventorize all hardware, firmware, software, operation systems, and applications that use the current algorithm for encryption. Automated discovery tools can help here.? ? ?
Prioritize the components that need to be migrated first based on risk management methodology that assess the sensitivity of the data and the potential impact of the attack. This will provide a roadmap for action. ? ?
Integrate and test the new standards. Detailed instructions for incorporating the new tools into products and encryption systems will be needed. And they should then be tested to ensure they are functioning correctly and securely, without too much of a negative impact on performance. ? ?
Train key security personnel and equip them for ongoing monitoring and updating. There should also be collaboration with vendors to ensure they are also adopting the new standards since many attacks happen with software from a third party. ?
For Further Reading: ??
??
Looking forward to seeing how QC evolves in the coming years! ??
Head of Generative AI, ML & Data - Global Financial Services, EMEA/APAC | Technology Executive | Sales & People Leader | Cloud, Data & Generative AI | x-Microsoft x-IBM | Diversity & Inclusion | Speaker
4 天前Though may not prevent risk from state sponsored activity - Curious on ROI of doing this vs pushing for broad international consensus on policy/export control approach or regulating access to Quantum compute as its not like you can have one in your garage... AI did not stand a chance of this being place before its boom but Quantum does...
Consultant | Strategy Consulting | Data and AI
4 天前An interesting post - I can't wait to see how QC develops over the next few years!