Newest paper finds that despite awareness of threat posed by quantum computing,
little is being done to prepare
The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released the Quantum-Safe Security Awareness Survey Report. Conducted by CSA’s Quantum Safe Security Working Group (QSS WG) the survey looks to assess the overall awareness and understanding of quantum security risk and is part of the group’s larger effort to develop a future framework for addressing quantum computing threats.
“Within the next 10 to 15 years we can expect to see a cryptographically useful quantum computer,” said Bruno Huttner, CSA QSS WG co-chair and product manager for the Quantum-Safe division of ID Quantique. “With this considerable breakthrough will come a significant threat to the security of public key cryptography and the associated challenges of securing the global digital communications infrastructure. This report is an important step in identifying potential areas of concern and so we can begin to lay the groundwork for security solutions.”
Perhaps the most striking information to come from the survey was the realization that while most companies are aware of the risk, they are not yet ready to take action, a fact which could conceivably lead to a very dangerous situation in the future when confidential information may become available to any entity possessing a quantum computer.
“While there is still a tremendous amount of work to be done in convincing the industry of the importance of including the threat of quantum computing in enterprise security strategies, the good news is that there is a great deal of interest in learning more about the threat quantum presents and how it can be mitigated,” said Jane Melia, CSA QSS WG co-chair and vice president of strategic business development at QuintessenceLabs. “This latest report provides an excellent context for moving forward in our efforts to educate the industry.”
Of those surveyed more than 90 percent were IT or information security professionals. Among other key findings:
- Sixty percent of respondents are “very aware” or “somewhat aware” of quantum computer technology and of the impact that quantum computers will have on data security.
- Just 30 percent are very or somewhat confident that their current security approaches will keep their data safe.
- Only 40 percent of the companies surveyed are working to future-proof their data against the quantum computer threat.
- Thirty-three percent of respondents are not aware that quantum solutions exist.
The CSA Quantum-Safe Security Working Group was formed to address key generation and transmission methods and to help the industry understand quantum‐safe methods for protecting their networks and their data. Individuals interested in joining the working group and participating in future research can do so by visiting the join page.
The Quantum-Safe Security Awareness Survey Report, available at https://cloudsecurityalliance.org/download/quantum-safe-security-awareness-survey/, is a free resource being offered by the CSA. To see full survey results, please contact the CSA Research Team.