Why Quantum Computing Capabilities Are Creating Security Vulnerabilities Today


Quantum computing capabilities are already impacting your organization. While data encryption and operational disruption have long troubled Chief Information Security Officers (CISOs), the threat posed by emerging quantum computing capabilities is far more profound and immediate.


Indeed, quantum computing poses an existential risk to the classical encryption protocols that enable virtually all digital transactions. Over the next several years, widespread data encryption mechanisms, such as public-key cryptography (PKC), could become vulnerable.


Any classically encrypted communication could be wiretapped and is potentially subject to data exfiltration once quantum decryption solutions are viable. These tactics are referred to as “harvest now, decrypt later” attacks.


As such, ensuring that data encryption remains secure requires our urgent attention — even before quantum computing solutions become generally available. Even if some data is irrelevant or quickly loses its value to threat actors, data related to national security, infrastructure, medical records, intellectual capital, and more could well retain or increase in value over time — see Figure 1. As an executive at one European bank told us, “We want to keep our data forever confidential.”


While the simple exposure of data is a threat, risk scenarios escalate from there. We use cryptography to protect communications networks, verify electronic transactions, and secure digital evidence. And today’s smart automobiles and airplanes rely upon highly connected digital ecosystems, with decades of service life ahead of them. Even critical infrastructure systems, traditionally segregated from digital networks, depend increasingly on over-the-air updates and Internet of Things (IoT) field data capture capabilities.



Figure 1 — Data type retention requirements (Sources: CalChamber Alert, quantum computing capabilities creating security vulnerabilities today