March 14, 2023
Experts are now weighing in on the U.S. National Cybersecurity Strategy the Biden administration released last week.
Its stated aim is “to secure the full benefits of a safe and secure digital ecosystem for all Americans.”
One of the five pillars of the strategy, “invest in a resilient future”, says that the U.S. “will continue to lead the world in the innovation of secure and resilient next-generation technologies and infrastructure, including by prioritizing cybersecurity R&D for next-generation technologies such as postquantum encryption, digital identity solutions and clean energy infrastructure.”
More specifically, strategic objective 4.3, “prepare for our post-quantum future,” states that “we must prioritize and accelerate investments in widespread replacement of hardware, software, and services that can be easily compromised by quantum computers so that information is protected against future attacks.”
The strategy also cites the Quantum Computing Cybersecurity Preparedness Act, which President Biden signed into law in December.
Industry experts offer their insights into what the strategy means for the public and private sectors.
IonQ chief scientist and co-founder Christopher Monroe
"We are seeing an interesting juxtaposition between hype about quantum computers breaking encryption and resistance to adopting new encryption and security standards. With researchers apparently showing quantum computers can break much larger codes than ever before, fear, uncertainty and doubt are certainly increasing. However, this claim was overhyped, as the researchers did not show any new evidence or break codes that can’t be decrypted with classical computers.
"We know there is a clean and clear way to break encryption, Shor’s algorithm proved that. The reality is quantum computing technology won’t be able to perform at a high enough level to implement the algorithm for 10, maybe even 20 years. Although the threat of quantum computing implementing Shor's algorithm is a few years away, infusing quantum-proof algorithms into technology now is a great building block to protecting our national security in the near future."
Quantinuum senior vice-president of government relations Kaniah Konkoly-Thege
In order to respond to the threat posed by quantum computing while also promoting U.S. leadership in this emerging technology, the National Cybersecurity Strategy maintains that the “Federal Government will prioritize the transition of vulnerable public networks and systems to quantum-resistant cryptography-based environments and develop complementary mitigation strategies to provide cryptographic agility in the face of unknown future risks.” Further, it implores the private sector to “follow the government’s model in preparing its own networks and systems for our post-quantum future.”
The National Cybersecurity Strategy makes clear that the Biden administration will work with Congress and the private sector to create liability for software vendors, sketching out in broad terms what such legislation should entail, stating: “We must begin to shift liability onto those entities that fail to take reasonable precautions to secure their software while recognizing that even the most advanced software security programs cannot prevent all vulnerabilities.”
The new landscape of quantum-related announcements and requirements from the federal government also creates urgency for many vendors and government contractors because those who are non-compliant will be named in reports and likely suffer reputational and economic consequences.
This article first appeared on IoT World Today's sister site, Enter Quantum.
About the Author(s)
You May Also Like