Quantum computing is a revolutionary technology that leverages the principles of quantum mechanics. Unlike classical computers, which operate using bits (0 or 1), quantum computers utilize qubits. These qubits can exist in multiple states simultaneously, allowing them to perform some complex calculations much faster than their classical counterparts.
The risk to traditional encryption
The rise of quantum computing poses a direct risk to traditional encryption methods. Many current cryptographic algorithms, such as RSA and ECC, rely on complex mathematical problems that quantum computers could soon solve rather quickly. This means that sensitive data, such as personal information, financial records, and intellectual property, will be vulnerable to cybercriminals equipped with quantum technology.
Example of a current threat
Recently, a serious incident occurred in which personal data from the population screening program (Bevolkingsonderzoek) in The Netherlands was leaked, causing significant societal impact. While the investigation was ongoing, it raised an important question: even if the data was encrypted, would that have truly prevented future harm?
Imagine a cybercriminal gaining access to encrypted data collected through a data breach. This data may seem secure now, as it is encrypted, but with the advent of quantum computers, it could be decrypted in the future. This phenomenon is known as “harvest now, decrypt later” or “store now, decrypt later”. Several organizations, including the Dutch NCSC (National Cyber Security Centrum), have already issued warnings about this threat.
Why you need to act now
Quantum computers are developing rapidly
Organizations must act swiftly to strengthen their cybersecurity measures against these emerging challenges. The time to act is now, as quantum computers are already exist, and the first commercial applications are not far off. It is crucial to adopt a proactive approach. Cryptography migration is a complex activity that takes time and effort. Planning early avoids rushed, insecure deployment, as well as providing the opportunity to leverage ongoing technology transformation activities. Organizations may see the risk of quantum as an opportunity to get their cyber fundamentals in order. Within the quantum context, organizations should (as a minimum) inventory their sensitive data, identify the encryption algorithms currently in use and assess which of these can be (and must be) replaced in the short term with stronger, quantum-safe alternatives.
The dangers of inaction
Not addressing the risk of quantum computing poses significant medium- and long-term risks to your organization. As mentioned, data that is currently being collected may be decrypted in the future. Therefore, it is important to develop a strategy as soon as possible that not only addresses future risks, but also addresses current threats
Our solution
At EY, we recognize the urgency of this situation and have developed various solutions to the aforementioned problems. Also, in addition to being a member of the IBM Quantum Network, as well as collaborating with IBM on AI and hybrid cloud, EY can also work with IBM to offer organizations support in their transition to a quantum-safe future. Ultimately, our services are designed to help businesses develop resilient cyber strategies to navigate the risks posed by the evolution of quantum computing.
Solution 1: Quantum-Safe Readiness Assessment
Our assessment provides a comprehensive evaluation of your current security posture against quantum risk. This includes:
- Assessment of your current security posture: We evaluate your existing cyber security measures and identify vulnerabilities that may be exposed by quantum computers.
Evaluation of infrastructure and technologies: We analyse your current infrastructure and technologies to determine their suitability for the transition to quantum-safe cryptography. - Risk-based readiness score: You will receive a score indicating your current readiness, along with an action plan to enhance your security.
