Quantum computers pose a threat to current cryptography, but there is constant debate about when they will be capable of breaking current encryption. Let’s just say we set our expectations to 15-20 years. So why worry about protecting data now? Industries with sensitive data such as healthcare, finance, government, etc., must have a plan to safeguard against this threat.
The simple truth is that nefarious actors are already capable of stealing data. They may be holding onto that data until a more profitable opportunity presents itself. Having a plan to be proactive and implement security measures now, ensures that the information can’t be accessed later, even as quantum computers become capable of breaking encryption.
One particular technology that is most difficult to secure is the internet of things (IoT). These devices usually have a small amount of memory, lack processing power, and operate in a wide variety of networks. IoT is seen as a weak link in many network configurations and are the cause for many cyber intrusions. For this reason, new legislation is on the horizon to address vulnerabilities of IoT devices. The bill would set minimum security standards for commercial IoT. With many industries using IoT devices in their networks, companies will have to look into their security practices and address both future legislation and other external threats.
Adoption of new technology takes a lot of time. It is critical for the innovators and pioneers to implement security measures in industries where confidentiality of customer data is a top priority. The IoT security market is still in its adolescence, but risk managers, executives, CISOs, and CIOs should be aware of the shifting landscape for both IoT and post quantum. They should plan to include IoT and possibly post quantum into current security efforts, prepare for legislation, and identify any additional constraints such as skill gaps.
There are many business benefits to having a solid security strategy, and the innovators adopting post quantum continue to both educate and advocate to other security professionals.
For a more in depth explanation of Quantum security, cryptologist, David Gotrik dives deeper into the subject in this video.