Businesses must not be afraid but ready for Y2Q - Freha Arshad and Tom Patterson

By Freha Arshad and Tom Patterson
Published 21st Jul 2023, 07:00 BST
Updated 2nd Aug 2023, 11:54 BST
Comment
Over the past few years, we’ve made huge steps towards making quantum computing a reality. It has the potential to bring substantial benefits to many organisations and make exciting new breakthroughs in science.

But the benefits of this new era of supercomputing comes with risk in equal measure when it comes to the realm of cryptography. It is estimated that it would take a powerful quantum computer just seconds to break the same RSA encryption that would require trillions of years from our current computers – rendering our encryption models obsolete.

Business leaders cannot afford to be intimidated by the technical nature of such developments and must recognise the threat they pose. Cryptography is often overlooked, but it is essential for the security of all transactions over the internet. Without it, online banking transactions could be compromised, the confidentiality of classified information and personal data could be breached, and the integrity of digital signatures and certificates undermined.

Hide Ad
Hide Ad

With the technology progressing at an accelerated pace, quantum computing threatens to break current encryption keys by the end of this decade – if not sooner. Massive efforts were undertaken to address the Year 2000 (Y2K) bug. But because the “years to quantum”—or Y2Q—cannot be definitively predicted, many have postponed preparations.

​Freha Arshad, Scotland Security Lead, Accenture​Freha Arshad, Scotland Security Lead, Accenture
​Freha Arshad, Scotland Security Lead, Accenture

When it inevitably does happen, unprepared organisations at every level and in every sector risk falling victim to cybercrime and disruption. Cybercriminals are also aware of the proximity of post-quantum vulnerability. Many have already adopted a “hack now, crack later” approach, stockpiling stolen data for decryption later.

Scottish organisations must therefore prepare for the threat of post-quantum decryption now, to protect their organisations from potential future data breaches.

The task of overhauling encryption as we know it therefore sounds like a tall order, however the concept of ‘crypto agility’ is quickly being established as the best place for businesses to go. This creates the ability for an organisation to quickly rotate its processes and cryptographic technology based on real-time t