One of the great successes of data security, especially over the last two decades, is encryption. It has grown in strength and sophistication enabling the existence of floodgates against the relentless flow of cybercrime. This can best be proven by the fact that most cybercrime now focuses on penetrating a system through human operators, using spearphishing and social engineering, for example, meaning that cracking encrypted data has proven too costly and time-consuming for threat actors, who will generally always seek the easier route.
Public-key cryptography solutions, which are developed using complicated mathematical formulas, provide reliable security
However, no ramparts can stand forever. Part of the CIO’s role will be to continue to assess the opportunities and threats emanating from quantum computing. While there is disagreement about the timeline, researchers and engineers anticipate dramatic advancements in quantum computing over the next five to ten years, current public-key cryptography solutions, which are developed using complicated mathematical formulas, provide reliable security based on the amount of computing power required to decipher them.
It would take the world’s most powerful computers thousands of years to crack these solutions by brute force. However, a sufficiently large quantum computer would be able to break the cryptography tools in a manner of days or even hours.
Part of the CIO’s role will be to continue to assess the opportunities and threats emanating from quantum computing
A recent IDC report sponsored by Thales, shows that 26% of organisations globally are in the process of operationalising their quantum computing plans, or will do so in the next 18-24 months. As much as quantum computing threatens to weaken existing security protocols, the same technology can be used to strengthen the defences of the near future.
Increasingly, organisations are starting to contemplate a move to blockchain in the same way they did with the cloud over the past decade. Blockchain is a technology that uses a jury of connected computers to agree upon and then record the transaction entries on numerous identical copies of a digital ledger that are then encrypted in a way that makes decryption and alteration of the records exceedingly costly in computing resources, time, and money.
26% of organisations globally are in the process of operationalising their quantum computing plans
Blockchain is most associated with bitcoin and other cryptocurrencies, which is erroneous. Although cryptocurrencies do use blockchain for their mining and transactions, they are just one of a wide range of services and products that use it. Others include smart contracts, supply chain integrity, traditional financial transactions, vital document authorisation birth certificates, passports, mortgages and medical records, to name just a few.
In just the same way the concept of the cloud grew from a single, theoretical publicly available storage area, we have seen the development of private clouds and hybrid models, large hyperscalers such as Amazon Web Services AWS and Google Cloud, as well as more regional cloud service providers CSPs more suited for data sovereignty and digital protection regulations. With cloud, it was the technology that counted – infinitely scalable, highly adaptable, and economically attractive – as opposed a single brand or model. With blockchain, the same will emerge.
As much as quantum computing threatens to weaken existing security protocols, the same technology can be used to strengthen defences
Companies, especially financial institutions, will develop private blockchains, leveraging the encryption and archiving technologies without placing themselves out in the open. Other organisations globally will likely seek to benefit from its extensive reach, to protect investments and monies without the expensive, and sometimes corrupt, oversight of regional banks or governments.
A wide range of activities can be bundled under the terms Artificial Intelligence and Machine learning but suffice to say their presence is being felt in all areas of business, from intelligent routing of deliveries to facial recognition. For every positive development there are equal and opposite negative ones, including deepfakes counterfeit videos or audio recordings that appear impossibly genuine and AI- and ML-enabled spear phishing/social engineering techniques that learn how to impersonate people and suppliers with great accuracy.
Here again, both AI and ML can be deployed for attack and defence. AI is already being used in threat hunting, incident management and malware detection.
Quantum computing and blockchain, AI and ML are all existing technologies, in their infancy perhaps, but by no means purely hypothetical. Thinking back to the summary of a CIO’s position, looking inward while the CTO looks outward, this places the CIO squarely in the line of responsibility to continue to work with the CTO to fully understand, strategise upon, and then deploy these technologies in the interest of their company’s future viability.
Quantum computing and blockchain, AI and ML are all existing technologies, in their infancy perhaps, but by no means purely hypothetical. Thinking back to the summary of a CIO’s position, looking inward while the CTO looks outward, this places the CIO squarely in the line of responsibility to continue to work with the CTO to fully understand, strategise upon, and then deploy these technologies in the interest of their company’s future viability.
While there is disagreement about the timeline, researchers anticipate dramatic advancements in quantum computing over the next five to ten years.