The world is on the verge of a dramatic change. Forget the Industrial Revolution, the significant increase of computational power that quantum computing is set to dramatically impact everything. What may appear to be a complex, unsolvable mathematical problem today, in the age of quantum, could be solved in less time than it takes to read this article.
Although quantum computing does exist today, it still has a long way to go before it becomes a reality; these devices tend to be slow and limited in what they can do. However, once we hit that tipping point, the possibilities for quantum computing are endless, from improving how we cure diseases to developing further technologies.
As an industry, technology professionals are still getting to grips with the true scale of what quantum will bring, but what is certain is the processing power will be like nothing we’ve ever seen. However, while this increased power brings with it an almost endless list of possibilities, there are growing concerns about its implications from a security perspective.
The Thales Data Threat Report recently found that 72% of businesses feel that their organisation will be impacted by quantum computing in the next 5 years. Only 8% believe that quantum will never impact their organisation. But what are the key threats when it comes to quantum and what changes can we as a security industry need to implement now to ensure businesses are protected against this emerging threat?
Pre-empting the retrospective
Firstly, it’s important that we start levelling up our pre-existing protections to prepare for what’s to come. Whilst encrypted data might be secure in terms of today’s technology, quantum will decrypt data at a much faster rate, essentially breaking the security methods we use today to protect sensitive information. This is because of the nature of today’s encryption algorithms, which are essentially static. Computers currently don’t have enough power to break them open, but they certainly will with quantum.
While there isn’t a silver bullet when it comes to cybersecurity against every threat, businesses should look to consider implementing a crypto-agility approach to mitigate the impact of quantum. This is about enabling businesses to deploy algorithms that can be flexible, to respond to quantum-level threats in real time should there be a failure of the original encryption. It’s about deploying systems that can move between different encryption algorithms to protect against quantum computing threats. We need to look beyond static encryption to ensure that we’re able to encrypt sensitive data with the latest and emerging algorithms and update these algorithms in real-time to protect against the quantum computing threat.
However, there’s huge potential for hackers to play the long game here. In effect, quantum breaches could take place today, well before quantum power is readily available. Hackers can hoard sensitive, but currently secure, data today, until such a date they have the tools to crack it open.
Collaboration is key to the future
Moving forward, the security industry needs to be continually keeping up with the evolving threats that are out there. Therefore, the next frontier for our security systems must and will be building in quantum readiness, ensuring that when quantum is more realised, our existing and future data remains secure.
But, what does this look like in practice? Achieving quantum readiness doesn’t necessarily mean businesses need to redesign their entire cybersecurity system. What will need to be done, however, is anything that relies on cryptography will need to be updated, meaning there is a lot of work ahead. The good news is there is a lot of collaboration happening in the industry as it works towards developing the certifications needed to roll out the necessary protections for all businesses.
While the solution is still far away, the industry is facing a race against time. Businesses need to be aware of this and start doing their own research into the developments that fit their company and who they should consider partnering with. One thing is for sure, quantum is coming, and in some ways, the threat it brings is already here.
By Todd Moore, Vice President of Encryption Products for Cloud Protection and Licensing Activity at Thales.