The Monetary Authority of Singapore (MAS) has directed financial institutions to proactively integrate post-quantum cryptography (PQC) and quantum key distribution (QKD) into their cybersecurity strategies. MAS underlines the imminent cyber threats anticipated in the coming decade, emphasizing the susceptibility of commonly used encryption methods to cryptographically relevant quantum computers (CRQCs). The advisory highlights the potential risks to financial transactions and sensitive data processed by these institutions.
To stay ahead of the quantum threat, MAS suggests vigilant monitoring of quantum computing developments, implementing PQC and QKD, and ensuring that third parties are aligned with risk mitigation efforts. The directive also emphasizes the critical evaluation of existing cryptographic solutions, assessing their vulnerability and compatibility with future secure systems. As Singapore holds a significant position in Asia’s financial services sector, MAS’s guidance is likely to resonate across the region, influencing how institutions prepare for the quantum computing era.
Industry experts, including Joe Fitzsimons of Horizon Quantum and Stas Protassov of Acronis, endorse the advisory, noting the recent emergence of research results indicating the proximity of cryptographically relevant quantum computers. The urgency arises from the vulnerability of encrypted network communications to potential “capture now, decrypt later” attacks, underlining the need for proactive measures to secure sensitive information over extended durations. Despite the estimated 10 to 15 years before widespread quantum computing benefits, financial institutions are urged to act now to safeguard against future cyber threats.