The Quantum Threat
Quantum computers will soon be commercially available, and code-breaking versions are close behind. Unexpectedly rapid progress in their development means they are now a business risk, one requiring mitigation strategies today.
Countdown to Quantum
Businesses are looking to third-party cloud providers to reduce data storage costs, but need confidence that no external party can access sensitive data. At the same time, businesses need to mitigate risks posed by malicious insiders and phishing / whaling attacks.
We ensure that only authorised individuals can access data, requiring multi-party approvals supported by complete audit trail. We encrypt the data and divide the decryption key into fragments, which are divided among stakeholders. If a pre-agreed number of fragment holders approve an access request, the data is made available to the requester. Since it is cryptographically impossible for anyone internal or external to access the data without oversight, third-party clouds become a viable storage option for sensitive data.
These developments have implications for data encrypted today for security. Today, there is some comfort for businesses in knowing that sensitive data, if encrypted, is safe even if it is stolen. The prospect of code-breaking quantum computers changes this risk profile: encrypted data lost in a breach this year could be accessed in the future. We know that some data is stolen today with precisely this in mind.
Sensitive or confidential business data may have a lifespan of 5, 10, even 20 years. Certain data remains of value to a competitor many years after its creation, whether it covers R&D in a pharmaceutical business, geological surveys in the energy industry, trading data in financial services, or budgeting, strategic plans, and personal information in professional services.
Similarly, the lifetime of certain equipment and devices (especially those part of the Industrial Internet of Things), as well as (autonomous) automobiles and logistics vehicles means that particular consideration of the quantum computing threat is needed. All communication with these, whether for gathering data or updating software remotely, must be protected from code-breaking quantum computers, since they will continue to be in operation years beyond even conservative estimates for quantum’s emergence.
We help organisations meet these challenges, with quantum-resistant encryption that can be deployed in today’s networks and commercial products, replacing or complementing existing systems.