logo

Select Sidearea

Populate the sidearea with useful widgets. It’s simple to add images, categories, latest post, social media icon links, tag clouds, and more.
side-area-image-1
side-area-image-2
side-area-image-3
side-area-image-4
side-area-image-5
side-area-image-6
hello@youremail.com
+1234567890
mobile-logo

Post-Quantum Cryptography: Where to Start?

23 Jun

Post-Quantum Cryptography: Where to Start?

by Amy McHugh
in Cybersecurity, Penetration Testing
Comments

While the first quantum computers capable of cracking asymmetric encryption are not expected for another 10 years, organizations should start preparing now for the “post-quantum cryptography” world.

What is Quantum Computing?

Quantum computing uses quantum mechanics to process data. While “classic computers” use binary bits that can only be a 0 or a 1, quantum computers use “qubits”, which can be a 0 or a 1 simultaneously, allowing the computer to investigate multiple solutions at the same time. It is this exponential increase in processing power that will crack current asymmetric cryptography algorithms in seconds.

Who Will Quantum Computing Impact?

Everyone and everything that uses asymmetric encryption to secure information in transit, in use, and at rest – VPN connections, secure email, financial transactions, etc. New cryptography methods need to be identified, standardized, and implemented to protect secure communications.

What is Post-Quantum Cryptography?

Post-Quantum Cryptography will ensure secure communications stay secure by providing an encryption algorithm invulnerable to either a classic- or quantum-computer attack.

“Harvest Now, Decrypt Later”

Even though quantum computers are not a threat today, your data is already in its crosshairs. Malicious actors are downloading encrypted data and patiently waiting for quantum’s ability to crack it. Data is being warehoused now in anticipation of hitting the lottery in a few years.

What to Do Now?

  • Review current industry developments and NIST guidance to educate yourself and your teams on post-quantum cryptography and the algorithms identified for future use
  • Inventory all uses of encryption at your organization and current cryptography algorithms for each
  • Identify “high-risk” and “high-value” systems for conversion planning as well as systems that will be unable to migrate to the new cryptography requirements
  • Work with your third-party providers to determine how they are addressing the need to convert their systems to post-quantum cryptography
  • Integrate post-quantum cryptography readiness into your strategic planning

Partner with a cybersecurity consulting firm that understands your industry’s unique compliance requirements and risk landscape. Whether you need an ITGC review, vendor risk management best practices, ransomware readiness assessment, or cybersecurity training program, CyberAssurance provides expert guidance and actionable recommendations.

Experience the CyberAssurance difference. How can we help? Contact us today to learn more.

Amy McHugh
Amy McHugh

Amy McHugh, JD, CISA, is a Senior GRC Analyst at CyberAssurance with over 15 years of experience in cybersecurity, compliance, and governance for financial institutions. Her career spans roles as an FDIC IT Examiner, senior consultant, and C-suite executive at a $1B credit union. Amy specializes in aligning information security programs with frameworks such as NIST, GLBA, FFIEC, and CIS, while supporting enterprise risk, vendor management, and audit readiness efforts. She is a licensed attorney and Certified Information Systems Auditor, known for her ability to simplify complex regulatory requirements and strengthen governance programs.

No Comments

Sorry, the comment form is closed at this time.