According to a new Forrester report, the commercial availability of quantum computers that can compromise traditional asymmetric cryptography is still five to 10 years away, but warns security and risk (S&R) professionals must assess and prepare for the impact of quantum security now.
Stefan Leichenauer, VP of Engineering at SandboxAQ, commented:
“The Forrester report is exactly right about the threat of quantum computers: in as little as five years we could see a quantum computer crack traditional cryptography, and because of “hack now, decrypt later” attacks, the vulnerability exists today.
“Even if we have doubts about whether a quantum computer will arrive in that timeframe—maybe you think it’s only a 10% chance—a modest probability of a trillion-dollar-loss event is still a big problem.
“We’ve seen a number of recent announcements from the quantum computing industry showing that the roadmap is advancing, so our confidence that quantum computers are coming has only gone up. Every organization needs to evaluate their cryptographic posture, which begins with a careful inventory of their use of encryption and then a crypto-agile migration to post-quantum key exchanges. It’s a multi-year process, so the time to start is now.”
This should make those who defend against attack take a more urgent approach to defending themselves. I say that because threat actors can pwn you now and try to make you pay later. Thus the play has to be is to avoid the pwn now part so that the pay later part is a non-issue.
Related
This entry was posted on March 10, 2025 at 2:51 pm and is filed under Commentary with tags Forrester. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Forrester Warns Quantum Security Isn’t Hype And You Should Prepare Now
According to a new Forrester report, the commercial availability of quantum computers that can compromise traditional asymmetric cryptography is still five to 10 years away, but warns security and risk (S&R) professionals must assess and prepare for the impact of quantum security now.
Stefan Leichenauer, VP of Engineering at SandboxAQ, commented:
“The Forrester report is exactly right about the threat of quantum computers: in as little as five years we could see a quantum computer crack traditional cryptography, and because of “hack now, decrypt later” attacks, the vulnerability exists today.
“Even if we have doubts about whether a quantum computer will arrive in that timeframe—maybe you think it’s only a 10% chance—a modest probability of a trillion-dollar-loss event is still a big problem.
“We’ve seen a number of recent announcements from the quantum computing industry showing that the roadmap is advancing, so our confidence that quantum computers are coming has only gone up. Every organization needs to evaluate their cryptographic posture, which begins with a careful inventory of their use of encryption and then a crypto-agile migration to post-quantum key exchanges. It’s a multi-year process, so the time to start is now.”
This should make those who defend against attack take a more urgent approach to defending themselves. I say that because threat actors can pwn you now and try to make you pay later. Thus the play has to be is to avoid the pwn now part so that the pay later part is a non-issue.
Share this:
Like this:
Related
This entry was posted on March 10, 2025 at 2:51 pm and is filed under Commentary with tags Forrester. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.