The 2020 Thales Data Threat Report reveals that 72% of respondents see quantum cryptography affecting their organisation in the next five years.
The study, based on a global IDC survey of 1,723 executives with responsibility for or influence over IT and data security, highlights that “quantum computing data security concerns are on the horizon” as one of seven key findings.
As the report summarises: “In terms of emerging threats, quantum computing is looming on the horizon and promises to further complicate data security. Cryptography requirements will fundamentally change when quantum computing comes online, and 72% of respondents see quantum cryptography affecting their organization in the next five years.”
Of this majority, 27% believe this will occur in the next 12 months and the remaining 45% within a 1-5 year timeframe. A further 14% think this will happen in 6-10 years’ time, while 6% say it will be more than 10 years.
The impact of quantum computing on data security
92% of respondents are concerned that quantum computing will create exposure for sensitive data, with 35% very/extremely concerned. In the US, that figure increases to 41%.
92% of respondents are concerned quantum computing will create exposure for sensitive data, with 35% very/extremely concerned.
To address the cybersecurity threats quantum computing poses, many respondents are actively looking at IT/security architecture changes (35%) and key management infrastructure deployment (34%).
However, many organisations are uncertain how to respond to threats that may surface. 22% plan to air gap critical systems (a security measure where secure networks are physically isolated from unsecure ones), while 6% currently have no plans.
This suggests that some IT and cybersecurity leaders may still need to see how quantum-safe security solutions, such as Quantum Key Distribution (QKD), can be applied in order to help them address their concerns and plan for their infrastructure to be secure both today and in the post-quantum era.
Quantum’s effect on industries
The Data Threat Report also focussed on quantum cryptography’s influence across different industries; identifying financial services, retail, healthcare and government as those that expect the largest impact.
Within 1-5 years, 77% of financial services firms expect quantum cryptography to impact them, followed by retail at 75%, and healthcare and government at 73%.
The report reveals that financial services organisations are the most concerned about quantum computing’s impact, with 94% expressing concern over exposure of sensitive data. Within this, 46% are very or extremely concerned.
In addition, 92% of government organisations are concerned, followed by retail at 90% and healthcare at 88%.
A smarter approach to data security
A key focus of the 2020 Data Threat Report is that; “As organizations face expanding and more complex data security challenges, they need smarter and better ways to approach data security.”
Importantly, this includes their preparedness for the post-quantum era, with the report stating; “Data security does not get any easier as the power of quantum computing exposes sensitive data sooner rather than later.”
Organizations must begin planning their infrastructure and key management adjustments to counter fundamental changes to cryptography brought on by quantum computing.
The report advises that, when making new infrastructure investments, these should offer crypto agility. This ensures that quantum-safe solutions such as Quantum Random Number Generation (QRNG) and Quantum Key Distribution (QKD) can be easily integrated into existing encryption solutions; improving their TCO & ROI.
This same flexibility ensures encryption solutions will support the new quantum resistant algorithms once they become available.
Overall, the report shows that the IT and cybersecurity communities are more aware of the impact of quantum technologies than ever, and that they are starting to take steps to ensuring their data security is the best it can be in the quantum age. However, there’s still work to be done.
On the bright side, the acknowledgement of quantum technologies’ security advantage and differentiation is gaining momentum: May 2020 has seen the first mass-market application of quantum technologies through the world’s first 5G smartphone equipped with a QRNG chipset – the Samsung Galaxy A Quantum. The Quantum decade has begun. It is time to embrace it.