Why IT Leaders are Fast-Tracking Post-Quantum Cryptography

Global technology is on the cusp of a significant shift as quantum computing advances threaten to undermine current encryption methods.

This impending change has far-reaching implications for data security across industries and governments worldwide.

Quantum computers, which leverage the principles of quantum mechanics to perform complex calculations, have the potential to break many of the cryptographic systems currently used to protect sensitive information.

In response to this looming threat, organisations and government agencies are increasingly turning their attention to post-quantum cryptography (PQC), which refers to cryptographic algorithms designed to be secure against both quantum and classical computers.

As the race to develop quantum computers intensifies, the need for robust PQC solutions becomes more pressing, particularly for entities handling sensitive data and critical infrastructure.

In light of this race, a recent study by General Dynamics Information Technology (GDIT), a technology services provider for government and commercial customers, reveals that 50% of federal IT leaders in the US are actively developing strategies to accelerate their transition to post-quantum cryptography.

US federal agencies prioritise PQC readiness

The research, titled "Quantum Waves", surveyed 200 experts and decision-makers across defence, civilian and intelligence agencies.

It aimed to explore how these agencies are addressing the PQC transition and identifying risks, challenges and technologies needed for migration.

According to the research, 35% of respondents are in the process of defining their plans and budgets for PQC readiness.

This indicates a growing awareness of the urgency to prepare for a post-quantum future.

Ben Gianni, Senior Vice President and Chief Technology Officer at GDIT says:

The study also found that 46% of respondents have identified key risks associated with current cryptographic practices but have not yet begun formal assessments.

Only 8% have fully integrated current PQC standards, highlighting the nascent stage of PQC adoption in many federal agencies.

Challenges in PQC adoption

Yet despite the momentum in PQC planning, the research uncovered significant obstacles facing federal agencies in their transition efforts.

GDIT reports that 37% of respondents cited the lack of formal guidance and strategic frameworks as a major challenge.

This suggests a need for clearer directives and standardised approaches to guide agencies through the complex process of PQC adoption.

Modernising legacy systems also remains a significant hurdle, with 48% of respondents identifying this as a key challenge.

The implications for operational technology, which encompasses the interconnected systems controlling physical operations in critical infrastructure, were cited as a concern by 29% of respondents.

Additionally, 24% of those surveyed reported difficulties in integrating PQC into their supply chains, indicating the far-reaching implications of this technological shift.

GDIT highlights the importance of vulnerability management in facilitating the transition to PQC.

According to the report, 44% of respondents identified vulnerability management as a top capability needed to discover, assess and manage cryptographic assets, prioritise risks and accelerate the PQC transition.

Ben emphasises the critical nature of this transition: "Quantum computing represents a turning point for cybersecurity, and achieving cryptographic agility is critical to secure our sensitive information against future threats.”

******

Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Technology Magazine is a BizClik brand