Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Ask The Experts

12/27/2019
07:00 AM
Edge Editors
Edge Editors
Ask the Experts
0%
100%

How Can My Security Team Begin Future-Proofing for Quantum Computing?

Knowing where your digital certificates are is just the start.

Question: How should my security department begin future-proofing for quantum computing?

JD Kilgallin, senior integration engineer at Keyfactor: To future-proof enterprise networks and systems against threats posed by quantum computing, security teams should be prepared to take quick action. At the very least, this requires knowing where your digital certificates are, what cryptographic algorithms their keys are using and what quantum computing means for them, and what systems need to trust those certificates and might experience an outage if the certificate and its chain suddenly change.

It also requires the ability to quickly coordinate changes between entity certificates and the trust anchors of other endpoints that rely on those certificates. Administrators should keep a careful inventory of these keys and certificates and employ automated techniques to securely deploy updates en masse. This can be a large undertaking that administrators should begin preparing for sooner rather than later.

In the meantime, security teams should ensure that all sensitive communications that rely on digital certificates to protect communication confidentiality are employing ciphers that offer forward secrecy, so that stored communications are not disclosed when the key is compromised in the future by quantum computers.

Related Content:

 

The Edge is Dark Reading's home for features, threat data and in-depth perspectives on cybersecurity. View Full Bio

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
   OVER THE EDGE
Building Cybersecurity Strategies in Sub-Saharan Africa

Filmed for Dark Reading News Desk at Black Hat Virtual.

LAURA TICH: We have that imbalance, where the big organizations are more protected, where the smaller ones -- which are the most common businesses in the region -- they are least protected... Sometimes they do get the tools, they do get the funding to buy some critical tools, but there's a lack of skills to handle or people who understand how to work those tools. So there are a lot of factors that contribute to our growth -- or lack thereof -- in the cybersecurity industry.

 

Name That Toon: 'Rise' and Shine
Flash Poll