What's Happening?
At the Infosecurity Europe conference, security leaders emphasized the urgent need for organizations to transition to post-quantum cryptography (PQC). Rik Ferguson, VP of security intelligence at Forescout, highlighted that only 8% of SSH servers currently
support PQC, stressing the importance of proactive inventorying and crypto-agility efforts. Despite the looming threat of cryptographically relevant quantum computers (CRQCs), many businesses have not prioritized this transition. The NSA has warned of 'harvest-now-decrypt-later' attacks, where encrypted data is collected now to be decrypted in the future when quantum computing becomes viable.
Why It's Important?
The transition to PQC is crucial for maintaining data security in the face of advancing quantum computing capabilities. For U.S. businesses, particularly those handling sensitive data, failing to prepare for this shift could result in significant vulnerabilities. The potential for adversaries to decrypt previously secure data poses a threat to national security and economic stability. As quantum computing technology progresses, the window for implementing PQC measures is narrowing, making immediate action essential.
What's Next?
Organizations are expected to accelerate their PQC transition plans, focusing on inventorying current cryptographic systems and developing strategies for migration. This may involve collaboration with industry experts and adherence to guidelines set by cybersecurity authorities. As the timeline for quantum computing advancements shortens, businesses will need to prioritize PQC to safeguard their data against future threats.
