A recent ISACA survey reveals that most organizations are unprepared for the threat posed by quantum computing. Just 5% of IT professionals reported having a strategy in place to defend against quantum-enabled threats, and only 3% see it as a high business priority. More than half of respondents admitted that no steps have been taken to prepare for quantum computing. Experts warn that quantum computers will eventually break current encryption protocols like RSA and AES, potentially exposing all organizational data and systems.
Despite the lack of preparedness, many respondents acknowledged that quantum computing will significantly affect cybersecurity.
Over half of the professionals expressed concerns about “harvest now, decrypt later” attacks, where encrypted data is stockpiled for future decryption by quantum computers. Additionally, 62% worry that quantum computing will break internet encryption, while 57% believe it will introduce new business risks. These concerns highlight the urgent need for businesses to start addressing quantum computing’s impact on their operations and cybersecurity strategies.
The survey also revealed poor understanding of the National Institute of Standards & Technology’s (NIST) post-quantum cryptographic standards.
Only 7% of IT professionals globally had a strong understanding of the standards, with a particularly low comprehension among European professionals. NIST’s post-quantum standards provide solutions for quantum-resistant encryption, and organizations are encouraged to start transitioning their systems to these technologies. Experts urge businesses to assess their data vulnerabilities and begin the shift to quantum-safe encryption solutions as quantum threats loom.
While quantum computers are still in their early stages, experts predict that they will mature in seven to 15 years and become capable of breaking current encryption. However, the high costs and technical challenges of quantum computing mean that most companies will not own their own quantum computers. Instead, a “quantum-as-a-service” model is expected to emerge, where tech giants provide the necessary infrastructure. Organizations are advised to develop strategies now to mitigate the risks posed by quantum computing as it evolves into a significant cybersecurity threat.
Reference:
