Preparing for the post-quantum cryptography environment today
The thought of quantum computing may elicit a shrug from many a CISO who has enough on their plate already and has decided that’s an issue for the future. My take: get into the conversation, as it is your entity that will be affected sooner or later when post-quantum cryptography becomes a possibly concerning reality.
Quantum cryptography must become a concern for the cybersecurity expert as we (as a community) “don’t tend to prioritize the things that are important until they become urgent,” Jaya Baloo, CSO at Rapid 7, tells CSO. “It’s precisely why we need to start getting ready today for the arrival of quantum computers jeopardizing our current cryptography.”
That advice got my attention. Baloo went on to summarize three steps that every CISO should be taking today:
- Know thyself. Assess and inventory current cryptographic assets and understand their use in our enterprises.
- Find opportunities. Look for opportunities that will eventually allow you to transition to quantum-safe technologies.
- Implementation. Have in place a steady cycle of implementing, monitoring, and testing that makes sure that you have some operational assurance you will be ready when quantum becomes a reality.