Page 157 - Cyber Defense eMagazine January 2023
P. 157

China  already  committing  $10  billion  investment  towards  its  development,  the  threat  they  pose  to
            encryption is no longer a question of if, but when.

            Quantum computers are a rapidly emerging technology that harnesses the laws of quantum mechanics
            to solve problems too complex for classical computers. Through this new computational model, quantum
            computers will be able to break all current public key encryption used ubiquitously today.

            The risk is rapidly becoming a major concern for policy makers: the G7, led by the White House, recently
            included the quantum threat in their key 21st Century challenges.


            From a risk perspective however, independent of how quickly this emerging technology is developing,
            what makes the threat even more dangerous is that quantum attacks, namely the “Harvest Now. Decrypt
            Later (HNDL), can be carried out retrospectively. This means that an institution can be targeted today
            with a ‘harvest now and decrypt later’ attack. Threat actors have the capability of harvesting encrypted
            sensitive data from across sectors and levels including financial information, national security intelligence
            and business and consumer data and then storing this data for decryption at a later date.

            It is this fact that demands an urgent response from the cybersecurity community. Security is about
            identifying  and  mitigating  risk:  the  longer  businesses  delay  replacing  exposed  encryption  with  post-
            quantum cryptography, the greater the quantity of data will be exposed.




            What do the NIST standards mean for businesses?
            There is growing recognition of the need for businesses to prepare for this new and sophisticated threat,
            especially to the cyber systems that our critical infrastructure and democratic institutions rely on. The
            primary purpose of the NIST process was to identify a robust suite of encryption that businesses could
            trust and utilise in defending themselves against this threat.

            Under the guidelines and protection of these new standards, businesses can chart a path to long term
            cybersecurity with the certainty that the encryption they are using is quantum secure.

            The process to achieve quantum security is simple in concept but the challenge will be in the execution.

            Businesses first need to identify their exposure through a comprehensive audit of the encryption they use
            and its locations. With this clear picture and armed with these new standards we can chart a roadmap
            and timeline to move forward in replacing the vulnerable encryption and adopt PQC.



            What’s next for post quantum cryptography

            Now is not the time for complacency. The global post quantum cryptography community has worked
            tirelessly to establish these new schemes and standards, but the focus now must turn on adopting them
            within its cybersecurity infrastructure imminently.
            These new standards also represent the beginning of the journey towards actualising a quantum secure
            future. Just as businesses and governments need to stay alert to adapt to the growing and changing




            Cyber Defense eMagazine – January 2023 Edition                                                                                                                                                                                                       157
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   152   153   154   155   156   157   158   159   160   161   162