Deloitte survey more than half of respondents worried about quantum computing attacks
According to a Deloitte survey, more than half of the professionals surveyed who are considering the benefits of quantum computing believe their organizations are at risk (50.2%) of "steal now, decrypt later" (HNDL) cybersecurity attacks.
In an HNDL attack, hackers "steal" an organization's data now with the expectation that it will be decrypted later - when quantum computing reaches a level of maturity that renders some existing encryption algorithms obsolete.
Among the professionals surveyed, the time frame for organizations to assess potential vulnerabilities in post-quantum encryption varies. Nearly half of respondents (45 percent) said their organizations expect to complete this work within the next 12 months, or even sooner. Another 16.2 percent expect to conduct such a quantum risk assessment within the next two to five years.
Respondents indicated that their organization's quantum computing security risk management efforts are likely to progress under regulatory pressure, through legislation or policy (27.7%); and leadership requirements (board of directors, CISO/CSO, etc.) to achieve cryptographic flexibility and address algorithmic issues resulting from quantum computing (20.7%).
Other respondents' organizations appear to be taking a "wait-and-see" approach. Some indicated that a cyber incident involving their organization (11.7%), such as a sensitive data breach, would drive quantum security risk management efforts. Others said that the needs of customers or shareholders would play a similar role (6.8%).
Colin Soutar, Managing Director, Risk and Financial Advisory, Deloitte, concluded, "Collaboration between CEOs, boards and security leaders is necessary to drive quantum cyber readiness. A good cyber environment, such as developing encryption checklists, improving data governance and managing credentials, is a good step forward for today and when we are more fully in the quantum age."
Survey link:
https://www.slideshare.net/DeloitteUS/harvest-now-decrypt-later-attacks-pose-a-security-concern-as-organizations-consider-implications-of-quantum-computing/DeloitteUS/harvest-now-decrypt-later-attacks-pose-a-security-concern-as-organizations-consider-implications-of-quantum-computing
