The News: The U.S. Government has issued a national security memo addressing the threat and mitigation of quantum computing risks. The memo outlines plans for full-scale migration of vulnerable computer systems to quantum-resistant cryptography. Read the news from SecurityWeek here.
Quantum Computing Risks, Mitigation Plan Addressed in National Security Memo
Analyst Take: A new memo from the White House concerning national security issues surrounding quantum computing risks was recently released alongside a plan to advance U.S. leadership in quantum computing. Rapid advancements in quantum computing pose serious risks to civilian and military communications, critical infrastructure controls, and internet-based financial transactions, the memo notes. It warns of the significant economic and security concerns posed by increasingly sophisticated quantum computing capabilities before laying out an aggressive plan to mitigate those risks.
Quantum computers of sufficient size and power will have the ability to break the cryptography used in digital systems across the globe and cause significant disruptions in security. An all-hands-on-deck approach is necessary to prepare for and prevent quantum computing risks from becoming hugely destabilizing to governments, financial institutions, and others. The memo outlines deadlines and plans for migration to quantum-resistant technologies at all federal agencies ahead of similar efforts in the public sector.
Protecting Against Quantum Computing Risks
To begin the process of protecting against quantum computing risks, the memo directs the NSA and NIST to develop and publish new quantum-resistant cryptographic standards that will protect vulnerable systems against potential quantum attacks. These standards should be released publicly by 2024 and enable the kickoff of a multi-year quantum-migration campaign for government institutions as well as all critical sectors of the US economy.
An emphasis on developing cryptographic agility is vital to protecting against quantum computing risks, the memo warns. While crytographically-relevant quantum computers do not yet exist, there is a very real danger of “capture now, decrypt later” attacks in which an adversary could record and store encrypted information now for future analysis by a sufficiently advanced quantum computer. Open-source tools containing backstops to prevent this kind of attack are currently being developed.
The enormous possibilities enabled by quantum computing technology are incredibly exciting – but we must balance the upside by also acknowledging the risks that will likewise emerge in its wake. I’m glad to see federal agencies taking these concerns seriously and setting a proactive example for the public sector. Quantum computing risks will become very real in the not too distant future and the time to prepare is now.
Disclosure: Futurum Research is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum Research as a whole.
Other insights from Futurum Research:
Image Credit: The White House
The original version of this article was first published on Futurum Research.
Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”