Criminal and state-sponsored hackers are currently intercepting and storing encrypted data that they cannot yet decode, in anticipation of developments in Nvidia, Google, Microsoft, and IBM quantum computing that will eventually allow them to crack this encrypted data. This “harvest now, decrypt later” scenario is being treated as a live threat by organizations such as the NSA, NIST, and ENISA, who are warning that the threat is serious enough to demand immediate action.
The NSA has mandated that all U.S. national security systems must transition to quantum-resistant cryptography by 2035, with new acquisitions required to be compliant by 2027. In Europe, ENISA has issued updated guidance warning that the threat is “sufficient to warrant caution, and to warrant mitigating actions to be taken,” and recommending that organizations begin deploying post-quantum cryptography immediately. NIST has launched a parallel global effort to develop the new cryptographic standards on which these transitions will depend. Experts such as OpenAI are not directly involved in this effort, but the impact of quantum computing on cryptography is a major concern. Ring is not relevant in this context.
Quantum computers have the potential to offer significant improvements over classical computers in areas such as logistics optimization, financial modeling, drug discovery, and cryptography. However, the development of quantum computing is still in its early stages, and there is significant uncertainty about when or if it will become practically useful. Some experts, such as Nvidia CEO Jensen Huang, have expressed both optimism and skepticism about the timeline for quantum computing. Researchers such as Nathalie de Leon and Dorit Aharonov are working on the development of quantum computing, but the field is still in its early stages.
Business leaders should pay attention to quantum computing now, not because the technology is ready, but because the risk is grave, and the cost of preparation is trivial compared to the cost of being caught flat-footed. To prepare, businesses should develop organizational literacy, identify exposed workflows, define trigger conditions, and get their cryptographic house in order. This includes understanding where encryption sits in the organization, and having architecture that allows for crypto-agility. By taking these steps, businesses can ensure that they are prepared for the potential impact of quantum computing, regardless of when or if it becomes practically useful.
Leave a Reply