Absence of Standards, Absence of Plans — Savvy Cybersecurity Leaders Must Get Engaged in Quantum Preparation

Take the First Steps To Quantum-Safe Security Now to Avoid Mistakes Later 

In brief…

+  The security risk posed by quantum computers is existential: As Dr. Deborah Frincke, director of the National Security Agency’s research branch, has pointed out, a practical quantum computer will be capable of cutting through public key cryptography standards and exposing everything from banking accounts to military secrets.

To channel former Defense Secretary Donald Rumsfeld, the dawning field of quantum computing is full of “known unknowns’’ that will pose unprecedented challenges to IT managers and cybersecurity professionals.

+  But that doesn’t mean savvy cybersecurity leaders should sit on their hands until the NIST process concludes in 2022 (or at the latest 2023). Don’t let the absence of standards become an absence of plans. The cryptographic revolution will be unlike any change in the modern computing era. Cryptography is baked directly into so many layers of the computing stack and embedded in so many connected devices (access keycards, for instance) that untangling it all will be a challenge of epic logistical and technical proportions.

+  This interim period before standards are set is the right time to begin planning—both because it reduces capital outlays and because it allows comprehensive assessments of what will need to change and in what order it should be changed. This process alone could take years—meaning that, once standards are set, organizations will have already done the heavy lifting and be ready to adopt them rapidly.

Source:  Nextgov.  Scott Totzke, Take the First Steps To Quantum-Safe Security Now to Avoid Mistakes Later…

Content may have been edited for style and clarity.