Contact Us
  • No products in the list

MAS advisory on addressing quantum cybersecurity threats

In February 2024, the Monetary Authority of Singapore (MAS) issued an advisory to CEOs of financial institutions, urging them to address the cybersecurity risks associated with quantum.

MAS is the central bank and financial regulatory authority of Singapore. On 20 February 2024 it issued a circular to the CEOs of all financial institutions: Advisory on addressing the cybersecurity risks associated with quantum.

In the 3 page memo, MAS sets the scene by highlighting the recognised risks associated with the advent of quantum computers – specifically the threat posed to conventional asymmetric cryptography used widely in todays public key infrastructure.

The MAS advisory comprises two core recommendations:

  • Attain cryptographic agility
  • Implement quantum security

Crypto agility is essential if financial institutions are to effectively migrate away from a vulnerable state to more secure, post-quantum cryptography (PQC) without having a disruptive impact on their IT infrastructure. At the same time, MAS advocates for the inclusion of other quantum technologies, specifically QKD, to help further mitigate risk.

The advisory highlights three initiatives for CEOs to follow:

  • Keep abreast of the latest developments in quantum computing and raise awareness of of the associated cybersecurity risks.
  • Maintain an inventory of all cryptographic assets and identify priority assets for migration to a quantum-resistant state.
  • Develop strategies and build capabilities to address the cybersecurity risks associated with quantum.

As part of the monitoring process, MAS advocates for financial institutions to work closely with third party IT vendors and relevant industry groups as part of a “we’re all in this together” strategy – a policy that is echoed by industry giants such as IBM and Thales.

A common-sense approach to quantum-safe migration must include an audit of all existing cryptographic systems. Identify any and all systems that are dependent upon cryptography for data security, integrity and authenticity. Prioritise those systems most vulnerable to the quantum threat and establish a roadmap for migration to PQC and QKD.

MAS offers up a few strategies to help financial institutions on their quantum journey:

  • Uplift internal technical competencies to support the quantum migration
  • Review all security policies and procedures to ensure they are quantum-relevant
  • Develop risk mitigation strategies for those systems that cannot be migrated

Importantly, MAS also advocates for early adoption and establishing proof-of-concept trials to gauge the likely impact on incumbent systems and highlight any potential implementation challenges.

If you would like to find out more about PQC and QKD, or want to discuss a potential POC, please reach out and contact us.

Stay one step ahead

Subscribe to our newsletters to receive breaking news, educational materials and product updates.
HomeShop Online