Page 176 - Cyber Defense eMagazine July 2024
It's never too early to take a proactive stance
Why aren’t organizations better prepared for new developments that could impact their most critical
business processes? In informal conversations with customers, we’ve heard that many are more focused
on short-term technology challenges like the rapid emergence of AI. Until a working quantum solution
capable of cracking encryption actually appears, organizations prefer to focus on immediate security
threats such as nation-state actors and other near-term IT priorities.
However, although current technology can’t yet break today’s encryption schemes, many organizations
are concerned that attackers may be capturing encrypted packets now, with plans to crack them when
new compute capabilities are available. According to the Ponemon Institute, 74 percent of survey
participants worried that attackers might conduct these “harvest now, decrypt later” attacks.
Even if organizations aren’t ready to directly address coming quantum computing challenges, they can
still take steps to evaluate and be ready to rapidly deploy new encryption algorithms. That requires an
organization with crypto-agility. Crypto-agility is the ability to discover a complete inventory of keys,
certificates, algorithms, libraries, and protocols and then quickly switch to different encryption
mechanisms. It requires understanding how cryptography is used within an organization, and having
the culture and tools required to rapidly update it.
Moving toward crypto-agility
Government and industry leaders have already taken some initial steps to help organizations address
the coming post-quantum challenges. The National Institute of Standards and Technology (NIST) has
chosen four algorithms designed to withstand attacks by quantum computers, and is now in the
process of standardizing them. Three new signature algorithms are expected to be ready for
use in 2024, and organizations that have implemented crypto-agility will be best prepared to implement
them.
Do an inventory
What are some steps that organizations can take to enhance crypto-agility today? Acquiring visibility is
fundamental. All too often, IT and security staff have only limited insight into how and where cryptography
is used in their infrastructure and business processes.
To understand which areas need attention, take steps to initiate a thorough inventory. Perform a complete
scan of applications and systems that are now using public key cryptography. A reputable certificate
discovery service can provide a current snapshot of your certificate environment.
Organizations should also extend the inventory beyond certificates, to examine components in their
communications and hardware systems. Elements like Hardware Security Modules (HSMs) and Trusted
Platform Modules (TPMs) often hold cryptographic assets. In DevOps environments, code signing
processes might also be vulnerable to advanced new attacks. To keep insights complete and current,
organizations should perform discovery tasks on a frequent basis.
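The certificate part of such an inventory can be sketched in a few lines. The following is an added example, not code from the article: it reads the subject public-key algorithm from DER-encoded X.509 certificates using only the Python standard library and flags RSA, elliptic-curve and Ed25519 keys for migration. The host names, skeleton certificates, and the "plan migration" / "review" labels are assumptions made for illustration.

```python
# Added example (not from the article): classify X.509 certificates by key algorithm.
QUANTUM_VULNERABLE = {"1.2.840.113549.1.1.1": "RSA", "1.2.840.10045.2.1": "EC",
                      "1.3.101.112": "Ed25519"}  # classical public-key algorithm OIDs

def read_tlv(buf, pos=0):  # -> (tag, content, next_pos) for the DER element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes that follow
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(content):  # split a constructed element into (tag, content) pairs
    items, pos = [], 0
    while pos < len(content):
        tag, body, pos = read_tlv(content, pos)
        items.append((tag, body))
    return items

def decode_oid(body):
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear marks the last byte of an arc
            arcs, value = arcs + [value], 0
    first = min(arcs[0] // 40, 2)  # the first two arcs share one encoded value
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def spki_oid(cert_der):  # OID of the subjectPublicKeyInfo algorithm
    tbs = children(children(read_tlv(cert_der)[1])[0][1])
    fields = tbs[1:] if tbs[0][0] == 0xA0 else tbs  # skip optional [0] version
    spki = children(fields[5][1])  # follows serial, sigAlg, issuer, validity, subject
    return decode_oid(children(spki[0][1])[0][1])

def classify(cert_der):  # -> (algorithm name or raw OID, suggested action)
    oid = spki_oid(cert_der)
    family = QUANTUM_VULNERABLE.get(oid)
    return (family or oid, "plan migration" if family else "review")

def der(tag, *parts):  # short-form DER encoder, used only to build the samples
    return bytes([tag, len(b"".join(parts))]) + b"".join(parts)
def sample_cert(oid_hex):  # constructed skeleton: empty names, stub key and signature
    spki = der(0x30, der(0x30, der(0x06, bytes.fromhex(oid_hex))), der(0x03, b"\0\0"))
    tbs = der(0x30, der(0xA0, der(2, b"\x02")), der(2, b"\x01"), *[der(0x30)] * 4, spki)
    return der(0x30, tbs, der(0x30), der(0x03, b"\0"))

SAMPLES = {name: sample_cert(oid) for name, oid in [  # constructed hosts and OIDs
    ("vpn", "2a864886f70d010101"), ("api", "2a8648ce3d0201"), ("lab", "883701")]}
print({name: classify(cert) for name, cert in SAMPLES.items()})
```

Certificates exported from a real discovery scan can be passed to classify() as DER bytes; an OID the table does not recognise is reported as-is for manual review rather than assumed safe.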
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.