ISACA Highlights the Need for Early Quantum Security Planning

A recent study from ISACA’s global Quantum Computing Pulse Poll highlights how enterprises are highly unaware of the potential threat from quantum computers where 40% of respondents were not aware of their companies plans to mitigate this risk, and 41% who do not plan to address quantum computing at this time. 

When participants were asked about how their organisation views quantum computing in terms of its current innovation strategy, only 5% deem it a high priority in the near-term, and 37% have not discussed quantum computing at all.

The ISACA poll also highlighted how just 7% of respondents have a strong understanding of the new NIST standards, despite NIST having worked on these standards over the preceding 10 years. Additionally, 44% of respondents revealed that they have never heard of them.

Therefore, there is clearly a significant gap between enterprises’ sense of urgency and the growing risk posed by the arrival of ‘Q-Day’, the date at which quantum computers could potentially be used to crack current internet encryption. Leading tech firms continue to pour significant investment into developing commercially viable quantum computers, and whilst this technology holds the promise of unlocking scientific and medical research and being a force for good, such powerful computers could theoretically be used by bad actors to crack current encryption standards and reveal sensitive information.

Thus, it is paramount that companies prepare today to improve the security of their data moving forward. This can be achieved with an initial quantum readiness assessment that aims to identify cryptographic algorithms in use, suggests moving to quantum resistant alternatives where possible, and provides a clear roadmap highlighting which assets must be prioritised for upgrade when PQC becomes available.  

For more information, please visit: AI & Cybersecurity Resilience Services