Connect with us

Hi, what are you looking for?


Data Protection

How Quantum Computing Will Impact Cybersecurity

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Quantum Computing

Quantum computers live in research universities, government offices, and leading scientific companies and, except in rare circumstances, find themselves out of reach of bad actors. That may not always be the case, though.

As research on quantum computers continues to move the technology forward, there is a growing concern that these computers might soon break modern cryptography. That would make all current data encryption methods obsolete and require new cryptography methods to protect against these powerful machines.

While the concept of quantum computers is not new, the discourse around them has increased in recent months thanks to continued federal action.

In May of 2022, President Biden released a national security memorandum that outlined government efforts to get ahead of quantum computing security concerns. In June, the U.S. House of Representatives passed the Quantum Computing Cybersecurity Preparedness Act requiring federal agencies to migrate information technology systems to post-quantum cryptography.

This legislation (PDF), which still requires passage in the U.S. Senate, builds off the continued efforts of the National Institutes of Standards and Technology (NIST) to create post-quantum cryptography standards. For its part, NIST released its first four quantum-proof algorithms in July 2022. Not long after, the CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST had been broken using AI combined with side channel attacks.

The Power of Quantum Computing

Even the fastest computers today struggle to break security keys thanks to complexity. It would take years for a system to break down the standard keys, even in the best-case scenarios. This is what makes encryption such a valuable security defense.

Advertisement. Scroll to continue reading.

Quantum computing looks to dramatically change this time from years to a few hours. While it can quickly get complicated, experts believe many public-key encryption methods popular today, such as RSA, Diffie-Hellman, and elliptic curve could one day be relatively simple for quantum computers to solve.

The good news in this scenario is that commercial quantum computing remains in the distance. A study from the National Academies believes future code-breaking quantum computers would need 100,000 times more processing power and an error rate of 100 times better. These improvements could be more than a decade away, but they are something security leaders need to consider now.

It will be too late if we wait until those powerful quantum computers start breaking our encryption.

Leveraging Defense In-Depth

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works. Best practices include things like segmenting networks, leveraging 5G private networks, and leveraging Zero Trust architectures.

Organizations must also secure data at rest. Many databases feature encryption that could become moot in the future. Organizations may need to store certain data offline or have a practice of re-encrypting old files once newer encryption technologies become available.

Right now, everything from browser cache, to password managers, to local Outlook email files is encrypted. If that encryption becomes breakable, organizations may need to reduce the distribution overall to limit risk, at least until better quantum encryption is created.

The Road Forward

The growing concern of a quantum-related cyberattack is not imminent but also not unfounded. Cyber security professionals must remain agile in the face of new threats and changes in thinking. While we move forward to this next challenge, let’s remember to keep a strong foundation.

We are moving toward a future with quantum computing, so prepare your organization now for this emerging threat along with handling the other threats that impact your enterprise today. A defense-in-depth approach acts as a hedge against differing attack vectors. It provides organizations with blanket coverage and a robust defense against various attacks.

Related: Cyber Insights 2023 | Quantum Computing and the Coming Cryptopocalypse

RelatedQuantum Computing’s Threat to Public-key Cryptosystems

RelatedQuantum Computing Is for Tomorrow, But Quantum-Related Risk Is Here Today

RelatedSolving the Quantum Decryption ‘Harvest Now, Decrypt Later’ Problem

RelatedIs OTP a Viable Alternative to NIST’s Post-Quantum Algorithms?

Written By

Marie Hattar is chief marketing officer (CMO) at Keysight Technologies. She has more than 20 years of marketing leadership experience spanning the security, routing, switching, telecom and mobility markets. Before becoming Keysight’s CMO, Marie was CMO at Ixia and at Check Point Software Technologies. Prior to that, she was Vice President at Cisco where she led the company’s enterprise networking and security portfolio and helped drive the company’s leadership in networking. Marie also worked at Nortel Networks, Alteon WebSystems, and Shasta Networks in senior marketing and CTO positions. Marie received a master’s degree in Business Administration in Marketing from York University and a Bachelor’s degree in Electrical Engineering from the University of Toronto.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...