(Forbes) Cybersecurity leaders must quickly adopt a change in rules to keep quantum computing from having us repeat the last 30 years of reactivity.
We all know and realize that “technology isn’t inherently good or bad — it’s the people who use it.” Yet we seem to be stuck in the same place we were in the 1990s when it comes to data protection. The 1980s and 1990s invited the first overt attempts to access data via the internet. DDOS attacks, for many, were the wake-up call. IT departments suddenly had the company interested in the security of its data and business.
While the quantum computers presently sitting in the labs of Google, IBM, D-Wave, and other researchers may not have the processing power to break commonly used encryption keys (such as AES 256 and RSA), future quantum computers very well may, which could enable the stolen encrypted data of today to be unencrypted in the future. In fact, a leak revealed that the NSA (through its “Penetrating Hard Targets” program) was working on “a cryptologically useful quantum computer.” One must not be naive and think that the U.S. is alone in developing such capabilities. Future quantum hackers could create major disruptions to modern communications and e-commerce that rely heavily on vulnerable cryptography.
In order to provide equivalent quantum-level data and content protection, cybersecurity leaders will be required to build quantum encryption (foundational to cybersecurity architectures) that operates at the file level. As it remains, I have no doubt that quantum computing will disrupt the cybersecurity landscape in a variety of ways, so we should move to that aforementioned rule change.