BLOG
Time for some good news in cybersecurity
10-MINUTE READ
August 6, 2024
BLOG
10-MINUTE READ
August 6, 2024
It's been some time since the global tech outage in July. Such disruptions are never good, and when they affect so many critical infrastructure sectors like transportation and healthcare at once it’s even worse. Systems are being restored and lessons on the importance of operational resilience are being learned. But geez—what a difficult moment for everyone in the security business and the world it was. But now for some good news.
You may have been following the rapid advances in science and technology around quantum computers. Ninety-nine years of quantum mechanics in the making, these last ten years have seen absolutely amazing advances in practical quantum information science and quantum computing in particular. From the earliest 2 quantum bit (QuBit) computers a decade ago that lasted only seconds, we now have stable quantum computers in the cloud with over a thousand qubits, with equally rapid advancements in fidelity that allow even greater precision. Unlike a digital bit that can only be on OR off, a qubit can be on, off, AND everything in between all at once.
That means it doesn’t take many qubits to start solving massively important challenges of humanity including creating lifesaving drugs, bringing AI to unprecedented new levels, and exploring the origins of the universe.
The scientific advancements are coming from all points: governments, giant technology companies, major academic institutions, as well as individual scientists, purpose-built companies, and regional ecosystems around the world. The United Nations has named 2025 the Year of Quantum, which is going to be life changing. While quantum computing can have a very positive impact on business, it will also increase cybersecurity threats, for the very same reason that it’s useful: it solves the unsolvable, fast.
One of the massive problems a quantum computer can solve is a factoring problem. Just as we can all multiply 3 times 5 and get 15, factoring is a basic mathematical operation that can reverse that equation and given 15, tells you that the two factors must be 3 and 5. In the 1970s it was reasoned that almost any computer will be able to multiply two numbers together, but that if the numbers were big enough, the world would never make a computer fast enough to factor that result. That mathematical assumption has held true for almost 50 years of computing and is a fundamental basis of the way encryption is used to share information from one device to another.
However, on their current track, quantum computers will also soon be able to break the encryption in use today in every industry, every nation, every home, and every device. This capability will first come to nation states that could wield it to destabilize entire sectors like banking or transportation or communications, then to global organized criminals that can use it to steal, extort, and ransom life-line services such as healthcare, food, and water. Then it will be available to any malware miscreant to cause their own havoc on society. It’s a big deal.
This new quantum risk did not just sneak up on society. I’ve been focused on it since 2015 when I began working on the beginnings of a National Cyber Moonshot for America, and groups like the National Institute of Standards and Technology lead a globally focused effort even longer to find a solution (or group of solutions) that can work for all. And they have.
NIST will soon announce the first new global encryption standards for our post quantum world. This is big news for everyone.
The world is presented with a new risk—quantum computers that can soon break our encryption—and a new solution—a set of new standard encryption algorithms that don’t rely on factoring as their secret sauce and thus will stand up against these coming quantum attacks.
Here are three key suggestions for organizations to consider:
They might also incorporate the newest quantum key distribution (QKD) systems that use quantum physics itself to share keys without risk of subversion. A highest level ’defense in depth’ architecture is also now available that integrates the best of each of these at the right levels of a critical complex enterprise.
Our quantum security teams at Accenture have been helping clients around the world in all three phases of their quantum journey. They have developed leading accelerators and architectures for each stage, and integrated emerging technologies that have been developed specifically for this effort. Good news indeed.
Quantum readiness, in a business context, means preparing to counteract quantum threats by understanding potential disruptions and integrating quantum-resistant solutions into existing cybersecurity strategies.
While this NIST quantum security announcement will be new to many, it’s really good news that with significant new cyber risk comes an equally significant new capability to manage it. Organizations just need a strategy, new discovery tools, and a new way to encrypt and manage cryptography with excellence—as well as teams like Accenture that have been focused on this for years.