Il World Economic Forum presents a toolkit (DOWNLOAD THE DOC HEREORIGINAL INCREASE) designed for help organizations embark on the cybersecurity journey in the age ofquantum computing. The toolkit urges leaders to take cyber-quantum protocols into account in business ecosystems and ensure there is collaboration in identifying risks and adopting safeguards.
Five guiding principles
I five guiding principles of the toolkit provide practical guidance to help organizations understand how to begin the transition to quantum security. They can help organizations understand where they stand, identify gaps in their preparations to become quantum secure, and improve their initial steps towards quantum security:
Ensure that the organizational governance structure institutionalizes quantum risk
The quantum threat requires organizations to align their governance structure with the transition to quantum computing readiness, defining clear goals, roles and responsibilities, and building leadership buy-in to apply change effectively.
Increase awareness of quantum risk across the organization
Demystifying the quantum threat is critical. This requires not only quantum cyber-readiness experts, but also senior leaders and risk managers to understand the risk and impact of the threat to the organization.
Treat and prioritize quantum risk alongside existing cyber risks
A quantum cyber-ready organization follows a structured approach to assess and manage quantum risk and integrates quantum risk mitigation into existing cyber risk management procedures.
Make strategic decisions for the adoption of future technologies
Quantum risk management offers organizations the opportunity to reevaluate their technology landscape, particularly their use of cryptography. To make the most of technology solutions that help mitigate quantum risk, organizations must make strategic technology decisions that support “crypto-agility” to achieve their security goals.
Encourage collaboration between ecosystems
Quantum risk is a systemic risk. An effective quantum security strategy involves collaborating and sharing information with other organizations to identify risks across the ecosystem and vendors to jointly mitigate those risks.
Protect yourself from the risks of emerging technologies
Emerging technologies pose a significant threat to cybersecurity protocols that protect digital communications and sensitive data. At the moment, the main focus is onartificial intelligence and its potential to facilitate increasingly sophisticated scams and amplify misinformation.
A less immediate but equally worrying risk comes from the advanced technology known as quantum computing. This technology is still largely in development, but rapid advances in recent years could make commercially viable machines available in the near future.
What is quantum computing?
Classical computers are driven by digital processors capable of performing complex calculations at high speed. Quantum computers use specialized hardware and algorithms that exploit the principles of quantum mechanics, a branch of science that deals with the behavior of light and matter and the properties of molecules, atoms, electrons, protons and neutrons and other unimaginably small particles.
By exploiting this subatomic behavior, Quantum computers are capable of creating “multidimensional computational spaces”which essentially means that they can conduct billions of new calculations at the same time. This allows them to solve much larger problems at a speed that is difficult to fathom.
For example, in 2019, a quantum computer built by Google took just over three minutes to solve a calculation that would have taken the world‘s fastest supercomputer 10,000 years to complete. With that level of processing power available, it’s not hard to see that quantum computers have the potential to bypass blocks encryption that currently protect the world‘s communications and data.
Tech companies’ response to quantum risks
With no real timeline for the arrival of quantum computers, land technology companies are eager to address potential challenges to current cybersecurity systems, before they become reality.
In an announcement on February 21, 2024, Apple unveiled what it called “a revolutionary post-quantum cryptographic protocol.” The company says its “Pq3” security system is designed to protect data sent on its iMessage platform. Apple says its system offers protection against “even highly sophisticated quantum attacks.”
Apple says it is introducing this post-quantum encryption now to protect against so-called “harvest now, decrypt later” attacks, in which cybercriminals collect masses of data with the intention of decrypting it when the technology becomes available.
Google it is also developing post-quantum security protocols and has already adopted them to protect the company’s internal communication. Google says introducing new encryption systems is inherently risky, citing examples of protocols that have been broken by conventional computers.
Protect the global economy
The responsibility to protect essential systems from malicious actors using quantum computers it will extend well beyond technology companies.
The research states: “Developing a coherent approach for the transition to a quantum-secure economy requires a broad, collaborative and critical approach from a diverse, global community of business and cybersecurity leaders.”
Helping businesses transition to the quantum economy
In 2022, the World Economic Forum, in collaboration with Deloitteproduced a framework for help organizations plan an orderly transition to a quantum economy (DOWNLOAD THE COMPLETE DOCUMENT HERE). It also addresses the need for a set of governance principles and values as a way to “build trust in the technology and prevent possible risks before the technology is commercialized.” These governance principles include commitments to cybersecurity, privacy and accountability. The new toolkit is based on all these principles.