Cybersecurity and Infrastructure Security Agency (CISA) has updated its recommendations for critical infrastructure’s preparation for potential security concerns brought on by quantum computing.
Quantum computing provides greater speed and power than classical computers. However, the emerging technology comes with potential risks, including data breaches, that could threaten the security of business transactions, secure communications, digital signatures and customer information.
Compared to traditional computers, quantum computing offers faster and more powerful performance. However, the security of business transactions, secure communications, digital signatures, and customer information could all be put at danger by the developing technology, which could also lead to data breaches.
“While post-quantum computing is expected to produce significant benefits, we must take action now to manage potential risks, including the ability to break public key encryption that U.S. networks rely on to secure sensitive information… Critical infrastructure and government leaders must be proactive and begin preparing for the transition to post-quantum cryptography now” said Mona Harrington, acting assistant director for CISA’s National Risk Management Center
Consequently, CISA urged all critical infrastructure owners and operators to use Post-quantum cryptography instead. Post-quantum cryptography refers to the cryptographic algorithms used to secure a system against an attack by a quantum computer.
CISA recommended all owners and operators of critical infrastructure to switch to post-quantum cryptography. Post-quantum cryptography refers to the cryptographic algorithms used to protect a system from a quantum computer assault.
In line with this, the Department of Homeland Security (DHS) and the Department of Commerce’s National Institute of Standards and Technology recently released a road map for post-quantum cryptography that instructs critical infrastructure stakeholders on the actions they can take to get their organizations ready for the switch, including identifying, prioritizing, and securing potentially vulnerable data, algorithms, protocols, and systems.
“We must prepare for [the transition] now to protect the confidentiality of data that already exists today and remains sensitive in the future,” said DHS Secretary Alejandro Mayorkas