- Many business leaders are unprepared for the cybersecurity risk posed by quantum computers.
- National cybersecurity agencies across the globe are beginning to take positions on the quantum threat.
- The 世界经济论坛 and Deloitte have formulated a list of five principles to ensure quantum readiness in business.
减轻对全球经济的系统性威胁, the quantum computing revolution requires changes to how organizations secure data and communications. 在未来, sufficiently powerful quantum computers will be able to disrupt businesses by breaking some of the cryptographic foundations used to protect vast amounts of data and transactions. Dealing with this risk will require organizations to adopt quantum-secure technologies, which will likely be a complex and time-intensive undertaking. The time to act is now, but many leaders do not know where to start.
The attention paid to managing this quantum risk is ramping up across the globe. 例如,在欧洲 French and German cybersecurity agencies have taken positions on how to help mitigate this danger. 不过,美国可能是遥遥领先的. It has begun formalizing its stance with a series of federal actions published over the last couple of years: most notably, 去年的 管理和预算办公室的备忘录 (OMB) requiring federal agencies to create a prioritized inventory of information systems that use cryptography vulnerable to quantum computers.
A recent report shows that these activities are still a work in progress, 最明显的是由于今天密码学的地方性, which highlights some of the challenges that large global organizations will face as they prepare to become quantum secure.
量子网络安全的5项指导原则
In 2021, 世界经济论坛, 与德勤合作, embarked on an initiative to help organizations prepare for their quantum-readiness journey. 在2022年,他们开发了 向量子安全经济过渡 white paper, which offers leaders guidance on enabling a secure transition to the quantum economy.
确保量子安全过渡的指导原则. 图片来源:世界经济论坛/德勤
The latest milestone in this collective initiative is the creation of the 量子准备工具包, which expands on the guidelines and is enriched with insights from global industry leaders. The five high-level principles provide more detailed suggested activities that are based on the quantum readiness framework established in the original white paper. This new resource helps organizations assess their quantum security awareness and prioritize next steps for quantum readiness.
- Ensure the organizational governance structure institutionalizes quantum risk. Defining clear goals and responsibilities and making your leaders care is essential to a successful transformation.
- 在整个组织中提高量子风险意识. 领导人, security experts and risk managers need to know what quantum risk is and how it will affect them.
- Treat and prioritize quantum risk alongside existing cyber-risks. A structured and cohesive risk-management approach helps build resiliency towards emerging risks.
- 为未来的技术采用制定战略决策. Leverage this opportunity to transform your technology landscape to one that enables you to be “crypto agile”.
- 鼓励跨生态系统的合作. Work together with partners to jointly identify systemic risks and mitigate them.
To successfully implement these principles, several things are key. Firstly, leaders and teams need to be aware of how mitigating quantum risk is an essential step for future-oriented and resilient organizations. 没有足够的意识和支持, quantum security transformations are bound to fall short of their goals. 其次,领导者必须认识到没有“快速解决方案”。. 他们必须投资于人, process and technology to have a comprehensive and effective answer to quantum risk. 但最重要的是,现在是采取行动的时候了. The quantum threat may feel distant; but the longer organizations wait, 时间用完的风险就越大. Preparing now might benefit organizations’ cyber resilience in other ways as well.
It is important that leaders remain engaged and committed to act on quantum risk. 生态系统可以支持他们这样做. Narrowing down a overwhelming problem to an overview of concise and tangible steps for leaders to take will make things easier. Integrating quantum cyber readiness requirements into existing cybersecurity frameworks, such as the National Institute of Standards and Technology (NIST) Cybersecurity 框架, 也可能有帮助, since that is often the language that security leaders already speak. 但最后, it is essential that organizations such as 世界经济论坛 keep disseminating insights and guidance to demystify quantum risk and to promote worldwide action. The 量子准备工具包 is another important step in this direction, 其他人肯定会效仿.
本文首次发表于 世界经济论坛.