Summary:
1. Despite the looming threat of quantum computing, many businesses are not prioritizing post-quantum cryptography (PQC) as a high business priority.
2. Some organizations have already made progress in implementing post-quantum encryption, such as Cloudflare reaching a milestone in human-initiated traffic using PQC.
3. Companies are starting to allocate budget towards PQC efforts, with Forrester predicting quantum security spending to exceed 5% of the overall IT security budget next year.
Rewritten article:
As the development of quantum computing continues to progress, the urgency of implementing post-quantum cryptography (PQC) remains a topic of debate among businesses. Despite the potential threats posed by quantum computers, a recent survey by ICASA revealed that only 5% of security and privacy professionals consider PQC a high business priority in the near future. Many organizations seem to adopt a “somebody else’s problem” mindset, believing that by the time quantum computers become a reality, someone else will be responsible for dealing with the challenges they pose.
However, there are signs of progress in the adoption of PQC. Cloudflare recently announced a significant milestone, with more than half of human-initiated traffic on their network now utilizing post-quantum encryption. It’s worth noting that symmetric encryption, commonly used for data storage, is already considered quantum safe, while asymmetric encryption, used for public communications and online transactions, remains vulnerable.
Despite the challenges, some companies are beginning to invest in PQC efforts. Forrester predicts that quantum security spending will surpass 5% of the overall IT security budget next year. This shift in mindset is evident in the words of Chris Hickman, CSO at Keyfactor, who emphasizes the importance of preparing for a post-quantum world to ensure data security in the face of evolving threats.
In conclusion, while the adoption of PQC may not be a top priority for all businesses at the moment, the growing awareness of quantum threats and the progress being made in implementing post-quantum encryption signal a shift towards proactive cybersecurity measures. It’s essential for organizations to evaluate their cryptographic assets and prepare for a transition to PQC to stay secure in a post-quantum world.
