For your company , you need to start quantifying the risk that quantum represents .
PREDICTIVE INTELLIGENCE
� to easily switch between cryptographic algorithms in the future . Most cyber systems are hard coded to use a specific set of algorithms , such as RSA . Now that we are being forced to make changes , we would be foolish not to add more flexibility .
We ’ ve already seen NIST candidate algorithms being broken . Perhaps most dramatically when SIKE was broken ‘ in a weekend on a laptop ’ by a researcher . We must be prepared to make many more changes in the future .
What should a CISO do today ?
Hopefully , you are beginning to realise that action is needed on the quantum threat , even if you have many other fires raging right now .
But perhaps it ’ s not clear what to do . There are many conflicting stories in the news and it can be difficult to separate fact from fiction . I would recommend
For your company , you need to start quantifying the risk that quantum represents .
you take the following steps , as soon as practicable , to ready your organisation .
Start quantifying the risk to your organisation
Cyber is a game of risk and you need to speak this language to influence your organisation , and the board , towards action .
For your company , you need to start quantifying the risk that quantum represents . For instance , you might want to consider which of your data is longterm sensitive and what it would mean for the wider business if it was exposed .
Putting some concrete numbers around these risks will allow you to gather support for addressing the threat , even if it remains a few years away .
Assess your infrastructure and plan the migration
There is a lot of advice available on how to plan your migration to quantum resilience . The Department of Homeland Security has shared a roadmap that helps spell out the logical sequence of activities .
CISA implores that ‘ organisations should start preparing for the transition now ’.
34 www . intelligentciso . com