search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Cybersecurity


failure to do so could lead to significant legal disputes and result in the loss of millions of dollars. In addition to the security risks posed by


quantum computing, there is a significant concern about the potential for digitally signed documents to be tampered with retroactively. In today’s digital era, electronic documents are gradually replacing traditionally signed papers, and even physical documents are often digitised and stored securely. However, in the absence of robust post-quantum security measures, every digitally signed document that lacks a physical counterpart would be subject to suspicion and legally unenforceable. Document signing companies that hold millions of rental agreements, employment contracts and other important papers must re-secure all their documents before quantum computers become a real threat. Failure to do so could lead to catastrophic consequences and significant legal disputes. To summarise, the development of quantum-resistant cryptographic


systems is crucial in securing sensitive information and preserving the integrity of critical infrastructure. The possibilities of retroactive tampering of digitally signed documents, along with the vulnerability of blockchains, call for urgent attention. The world’s economies and security depend on quantum-resistant cryptographic systems being developed, tested, and deployed before it is too late.


What this means for your business In light of the potential risks posed by quantum computing, businesses must determine which data requires protection and which is of little value to cybercriminals. This will determine where post-quantum cryptography (PQC) and traditional cryptography can be employed. It is critical to comprehend the timeframe within which data becomes obsolete, as certain information will require indefinite protection, while others will be irrelevant to malicious actors after a few years. Once this analysis is complete, a proof-of-concept that employs PQC or hybrid techniques to secure data can be created before establishing a plan to implement it across a company’s digital assets. This will aid businesses in safeguarding their most critical data and minimising the potential impact of quantum computing on their operations. In some cases, transitioning from one method to another will be


sufficient to protect certain systems. For instance, Transport Layer Security (TLS) can be adapted to become quantum-resistant, and post-quantum cypher suites are already accessible through Amazon Web Services. As a result, information that is transmitted, such as credit card data transmitted from a customer to an eCommerce retailer, should be secure in all future transactions. However, upgrading or replacing legacy systems may be necessary and implementing quantum security across an entire organisation could take years. It is critical for businesses to develop a comprehensive roadmap for transitioning to post-quantum security to minimise potential risks while maximising their existing security infrastructure. In order to secure their existing assets, companies have two main


options. The first is to re-encrypt their data using the new quantum- resistant algorithms, which have been designed specifically to be safe from quantum computer attacks. However, this process can be quite time- consuming and complex, especially if the company has thousands or even millions of pieces of data that need to be encrypted. As a result, some


www.pcr-online.biz


companies may be hesitant to take this approach since it could cause delays and disruptions to their day-to-day operations. The second option is to use a hybrid encryption


approach, which involves leaving the existing encryption in place but adding an additional layer of quantum-resistant encryption on top of it. This can be a faster and more efficient way to upgrade existing security measures since it doesn’t require a complete overhaul of the encryption system. However, there are some potential downsides to this approach as well. One issue with hybrid encryption is that it can


make files larger, which can be a problem for companies with limited storage capacity or slow


network connections. In addition, there is a risk that incorrectly implemented hybrid security could actually be less secure than regular non- quantum safe security. This is because adding an additional layer of encryption can create new vulnerabilities and attack surfaces that a determined hacker could exploit. It’s also worth noting that the four quantum-resistant algorithms that have


been identified by NIST as potential candidates for future encryption standards may not be completely fool proof. Although they have been designed to resist attacks from quantum computers, it’s possible that further testing or real-world use could reveal weaknesses or vulnerabilities that have not yet been identified. In addition, there are likely to be additional stages of evaluation and testing before any of these algorithms are adopted as official standards, which could create further uncertainty and confusion for companies seeking to upgrade their security measures. Drawing from our extensive four-decade experience in cybersecurity,


Utimaco anticipates a future where a single dominant cryptographic scheme, like RSA, will no longer be prevalent. Instead, we foresee a world where various schemes, potentially including all the current NIST candidates, will coexist. The reason for this shift is the explosive growth of cryptography use cases, such as IoT and cloud devices, which have different size and performance requirements, necessitating multiple schemes. Having multiple schemes also adds an extra layer of security by


diversifying the risk. A malicious actor may be able to crack one scheme, but not all, making it essential for individuals and organisations alike to become ‘crypto agile’. Being able to operate flexibly across different schemes will be critical to keeping sensitive information secure.


What you can do today The advent of quantum computing is imminent, with predictions suggesting it could happen within the next decade. Once this technology arrives, much of the existing cryptography will become obsolete, putting organisations at risk. Switching to quantum-resistant algorithms is essential, but it can be a


challenging and costly process with no guarantee of complete security. However, working with the right partner can help ease the transition to a post-quantum world. Experienced providers of quantum-safe solutions offer Hardware Security Modules that provide crypto-agility, allowing for easy updates as algorithms evolve. Additionally, cloud-based offerings simplify the transition and reduce the time and costs associated with transitioning to quantum-safe encryption. Therefore, by selecting the right partner, companies can significantly reduce the resources required to prepare for future threats.


April 2023 | 27


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52