Story image

Quantum computing will pose risks to enterprise encryption

24 Oct 2019
Twitter
Facebook

The internet of things is becoming a backbone for technology worldwide, and quantum computing is developing right alongside it. While quantum computing can bring the potential for development, there are also plenty of risks.

According to a DigiCert survey of 400 enterprise organisations across Japan, Germany and the United States, 55% believe that quantum computing and post Quantum Crypto  is a ‘somewhat to extremely large’ security threat at the present time, with 71% it will only become more of a threat in the future.

Organisations believe that IT teams should be aware of quantum computing. According to the survey, 83% of respondents believe that IT must learn about quantum-safe security practices.

However, quantum computing presents significant security challenges.

These include: High costs to battle and mitigate quantum threats; Data stolen today is safe if encrypted, but quantum attacks will make this data vulnerable in the future; and encryption on devices and applications embedded in products will be susceptible.

Additionally, cost; lack of staff knowledge; and a concern that TLS vendors won’t have upgraded certificates in time were all cited as concerns.

To deal with those challenges, 95% of surveyed respondents say they are discussing at least one tactic to prepare for quantum computing.

As organisations prepare for quantum computing, 56% of respondents are establishing a PQC budget. Respondents are also beginning to understanding their current level of risk, building knowledge about PQC and developing TLS best practices.

“It is encouraging to see that so many companies understand the risk and challenges that quantum computing poses to enterprise encryption,” says DigiCert industry and standards technical strategist, Tim Hollebeek.

“With the excitement and potential of quantum technologies to impact our world, it's clear that security professionals are at least somewhat aware of the threats that quantum computers pose to encryption and security in the future. With so many engaged, but lacking good information about what to do and how to prepare, now is the time for companies to invest in strategies and solutions that will help them get ahead of the game and not get caught with their data exposed when the threats emerge."

The survey suggests three best practices for companies ready to start planning their strategies for securing their organizations for the quantum future:

1. Know your risk and establish a quantum crypto maturity model.

2. Understand the importance of crypto-agility in your organization and establish it as a core practice.

3. Work with leading vendors to establish digital certificate best practices and ensure they are tracking PQC industry progress to help you stay ahead of the curve, including with their products and solutions. Change rarely happens quickly, so it’s better not to wait, but to address your crypto-agility now.

Story image
22 Oct
ESET discovers campaign stealing bitcoins from darknet users
ESET researchers have discovered a trojanised Tor Browser that cybercriminals use to steal bitcoins from darknet market buyers.More
Story image
06 Nov
Barracuda Networks integrates WAF into cloud platform
 Barracuda Networks announced a new Cloud Application Platform (CAP), which provides security, as well as a new web application firewall (WAF) as a service solution built on Microsoft Azure.More
Story image
24 Oct
The human eye as a proxy for the future of networking
In recent years scientists have been unravelling the intricate structure and wiring of retina neurons within the eye - Mellanox Technologies looks beneath the surface. More
Story image
08 Nov
Enterprises look to zero trust network access to thwart VPN attacks
“Though it is encouraging to see so many organisations are pursuing ZTNA to close gaps created by VPNs, I am surprised that more than half of those surveyed believe their current infrastructure is reliable enough to protect the enterprise."More
Story image
05 Nov
Microsoft's new security innovations at Ignite 2019
Microsoft 365 and Security corporate vice president Kirk Koenigsbauer outlined 10 major security announcements across Azure, Microsoft 365, Office, and Microsoft Defender ATP. More
Story image
26 Oct
Securing IoT top priority for enterprises, research says
Developing and managing secure IoT deployments is no longer the remit of security professionals but is a capability that is quickly becoming available to developers of all levels."More