The U.S. Department of Homeland Security (DHS) and the Department of Commerce’s National Institute of Standards and Technology (NIST) laid out a roadmap to help organizations protect their data and systems and to reduce risks related to the advancement of quantum computing technology.
The plan will raise awareness and guide federal, state, local, tribal, and territorial partners, critical infrastructure owners and operators, and others in the private sector. The various measures will help these organizations protect their data and systems, and reduce risks related to the advancement of quantum computing technology.
The blueprint by the DHS will help organizations prepare for the transition to post-quantum cryptography by identifying, prioritizing, and protecting potentially vulnerable data, algorithms, protocols, and systems, the agency said. Advancements in technology are expected to break some encryption methods that are widely used to protect customer data, complete business transactions, and secure communications.
The guidance directs the DHS to prepare for the transition to new post-quantum cryptography standards when available from NIST in line with the quantum computing roadmap. The guidance will result in an inventory of all DHS cryptographic systems and data types, a broader understanding of the risk across the enterprise, and plans for the transition to post-quantum cryptography.
While quantum computing promises unprecedented speed and power in computing, it also poses new risks. As the technology advances over the next decade, it is expected to break some encryption methods that are widely used to protect customer data, complete business transactions, and secure communications. The new guidance from the DHS will help organizations prepare for the transition to post-quantum cryptography by identifying, prioritizing, and protecting potentially vulnerable data, algorithms, protocols, and systems.
“Quantum computing will be a scientific breakthrough. It is also expected to pose new data privacy and cybersecurity risks,” Alejandro N. Mayorkas, secretary of Homeland Security, said in a media statement. “Now is the time for organizations to assess and mitigate their related risk exposure. As we continue responding to urgent cyber challenges, we must also stay ahead of the curve by focusing on strategic, long-term goals. This new roadmap will help protect our critical infrastructure and increase cybersecurity resilience across the country.”
Quantum computing adopts a fundamentally different approach to computation compared with the kinds of calculations that are usually done on laptops, workstations, and mainframes. While quantum computing will not replace regular computing devices, it will leverage the principles of quantum physics to solve specific, very complex problems of statistical nature that are difficult for current computers.
Quantum information science (QIS) is an interdisciplinary field that studies the impacts of quantum physics properties on information science. Those properties can increase computational power and speed significantly over classical computers, provide precision measurements, enhance sensing capabilities, and increase the accuracy of position, navigation, and timing services.
Of these, the increase in computational capability is the most pressing issue as it threatens the security of asymmetric cryptography or cryptography that uses public-private keys. This will be decrypted by quantum computing and is ubiquitous throughout the Department, the remainder of the federal government, state, local, tribal, and territorial governments, and the U.S. critical infrastructure sectors.
Companies whose business depends on decades of data must be on high alert about the cybersecurity issues that quantum computing raises, analyst firm McKinsey warns in a report. “At the very least, the topic should be at the top of the chief information officer’s agenda, and business leaders need to be confident that their companies have a plan for making a safe transition from current cryptography to quantum cryptography,” it added.
Earlier this year, Secretary Mayorkas outlined his vision for cybersecurity resilience and identified the transition to post-quantum encryption as a priority. DHS also issued internal policy guidance to drive the Department’s preparedness efforts and is conducting a macro-level analysis to inform the government’s action and ensure a smooth and equitable transition.
As the U.S. administration continues to grapple with advancing technologies, the Office of Science and Technology Policy (OSTP) issued on Tuesday a notice of request for information (RFI) that requests input from all interested parties on the development of a national strategic plan for advanced manufacturing. The agency has sought responses online by Dec. 17, 2021.
On behalf of the National Science and Technology Council (NSTC), Committee on Technology, Subcommittee on Advanced Manufacturing, the OSTP is seeking inputs from the public, on ways to improve government coordination, and on long-term guidance for federal programs and activities in support of U.S. manufacturing competitiveness, according to a notice on the Federal Register.