How prepared are we for the arrival of Post Quantum Computing? (article written by Acubed.IT)
How prepared are we for the arrival of Post Quantum Computing?
Post Quantum Computing will bring a step change in society’s ability to solve complex problems that classical or supercomputers cannot solve. Applying such capability for the greater good can provide huge benefits for all. From a data security perspective it provides an interesting challenge, the need to re-design our current thinking in relation to cryptography.
Here at Acubed.IT we have gained significant experience and developed expertise, working with and for HM Government and private sector organisations, to develop secure cross-domain solutions. You may wonder why is this relevant?
Many organisations, both public and private, regularly collect data from citizens and customers. Many of the individuals providing the data will not have access to secure technology, i.e., laptops accredited to handle data classified at SECRET, therefore, data is provided over the internet. Some protections may be put in place, using public key cryptography, a method of encrypting and signing the data with two different keys and making one of the keys, the public key, available for anyone to use as part of Elliptic-Curve cryptography.
So why does that matter? Hostile State Actors (HSAs) and Organised Criminals understand that whilst they may be unable to break the encryption today, they can undertake hostile reconnaissance, by collecting data, at scale, from unprotected networks. This data can then be decrypted in the future, once the power of quantum computing is available.
So how can governments and private sector organisations protect their most sensitive data? Acubed.IT has been collaborating with the National Cyber Security Centre (NCSC) to develop a solution which provides protection for data whilst it is in a low-trust domain, but which also enables the data to be passed securely, across a High Assurance Gateway, into a high-trust domain.
The Cross-Domain Hybrid Application (CDHA) Framework is a new application design framework, which employs secure by design methods to enable an application to communicate across trust (security) boundaries. The CDHA Framework provides a design pattern, architecture, code libraries and guidance to enable origanisations to secure their data, elements of which are quantum resistant, enabling organisations to mitigate the risk of bulk data loss.
At Acubed.IT, we want to go further, so we have collaborated with cryptographic experts at Napier University. We are striving to enhance the protection that the CDHA Framework offers, by ensuring that future cryptography is quantum safe.
We are passionate about the CDHA Framework and believe that it is truly transformational. It will enable governments and private sector organisations to mitigate the threats posed by quantum computing, through the design and implementation of secure cross-domain solutions.
Does your organisation have data that you consider sensitive? Upon reflection do you consider that it would present a threat to your organisation’s reputation or competitive position if it were to find its way into the wrong hands? If you are answering “yes” to these questions, then you should be discussing this at a board level. An organisation’s risk appetite is informed by the knowledge of the risk, threat and mitigating actions that can be taken. If the board does not understand that they have a problem, they may be blind to it!
Acubed.IT can help you navigate through the data risk mitigation process. We can help you use the Cross-Domain Hybrid Application (CDHA) Framework to design secure solutions to protect your data, which will mitigate the risk associated with data collection, at scale, by Hostile State Actors and Organised Criminals.
Find out more or contact us at:
Website: https://www.acubed.it
Email: [email protected]
CDHA: https://www.acubed.it/cross-domain-solutions
