Estimated reading time: 1 minute, 57 seconds

How Can CISOs Maintain Cybersecurity After Quantum Computing?  

Wednesday, Aug 10 2022
Vulnerabilities
Written by  Security Tech Brief

New encryption standards recently announced by the Commerce Department’s National Institute of Standards and Technology could play a big role in how information is kept safe after the expected rise of quantum computing, according to various published reports.

NISTIn July, NIST researchers designated four algorithms that they said could potentially thwart cyberattacks from quantum computers, which use the spooky characteristics of quantum physics to crack conventional cryptography. Commerce Secretary Gina Raimondo heralded the move as “an important milestone in securing our sensitive data against the possibility of future cyberattacks from quantum computers.”

Indeed, the NIST’s choices will probably have a major impact going forward, as Ars Technica reports. Graham Steel, CEO of cryptography management software maker Cryptosense, told the tech-news website that while the NIST standards matter in part because large companies often have to comply with them, the selections are also “based on sound reasoning.” Nadia Heninger, an associate professor of computer science at the University of California, San Diego, told Ars Technica that the algorithms will likely become “the de facto international standard” and they’ve been anxiously awaited by many companies.

To get ready for the risks of quantum computers, chief information security officers should begin by wrapping their heads around the NIST’s designated algorithms, according to Quantinuum cybersecurity chief Duncan Jones, writing at Nextgov. Jones says CISOs should start by identifying the assets and use of cryptography that are vulnerable to quantum technology within their systems. CISOs should also talk to vendors about post-quantum algorithms and begin testing post-quantum algorithms for compatibility.

Quantum computers’ looming ability to crack existing cryptographic codes means that, as with the Y2K bug, companies need to prepare now or risk paying the consequences later, as The Economist reports. Colin Soutar, managing director at Deloitte Risk and Financial Advisory, tells the newsmagazine that the consulting firm has already been hearing from big companies about how to maintain security.

Rival consultancy CY also reportedly emphasizes that companies should start moving to post-quantum computing security standards now. Both firms have teamed up with Alphabet spinoff Sandboxaq, which works on post-quantum cryptography. Peter Schwabe, a cryptographer at the Max Planck Institute for Security and Privacy in Germany, tells The Economist that the future may lie in a combination of conventional and post-quantum cryptographic tools, like wearing a belt as well as suspenders.

Read 849 times
Rate this item
(0 votes)
More in this category: « Data Breaches Fell in First Half of 2022: Study   Cybersecurity Tops U.S. Executives' List of Worries »

Visit other PMG Sites:
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline