Quantum computers, despite their current limitations of being too small and error-prone, represent a future threat to encryption standards that safeguard sensitive data. This has led to global, albeit secretive, agreements among nations to impose identical export controls on quantum computers. Countries such as the UK, France, Spain, and the Netherlands have set specific bans on the export of quantum computers with more than 34 qubits and below a certain error threshold without fully disclosing the scientific reasoning behind these specifications. Such measures seem to be aimed at preemptively curbing the distribution of potentially more capable machines that can be used to break today’s conventional encryption.
The rest of the world is not standing idly whilst we await the first quantum computers. Senetas and its cybersecurity partner Thales have been actively engaging with stakeholders in Indonesia, Malaysia, and the Philippines, discussing the future landscape of cybersecurity in a quantum age. Senetas has also signed deals of significance this year with customers in the Middle East, where it is a trusted supplier in the whole region.
Currently, the dialogue with many of these nations focuses on the necessity for agile cybersecurity solutions that can swiftly adapt to new encryption standards (once established) by authorities like the U.S. National Institute of Standards and Technology (NIST). NIST has stated that the industry can expect a quantum-safe crypto standard to be announced in the coming months.
How can you prepare against a threat, when no proven cryptographic or algorithmic standards have been proven to be a capable defence? Developing platform, cryptographic, and network agility is the key.
In plain English, this means ensuring that systems implemented today can quickly adapt to new encryption standards once they become available without extensive overhauls. They must be capable of working with all known networks, data types, topologies, etc.
With the advent of quantum around the corner, the optimal approach is agility. Viable methods of encrypting data are essential for maintaining security and operational continuity around the world. For some this will be adoption of new encryption standards (for example those put forward by bodies such as NIST) and for others the ability to deploy custom encryption standards (such as those used by some nation-states) is paramount.
The tech community, particularly the cybersecurity industry, has discussed the impact of quantum technology by bad actors for over a decade. The enactment of international export controls—despite current quantum computers' limitations—signals a cautious approach to handling the technology’s potential implications for national security and a tacit recognition that what is still currently theory may soon become practice. Nation-states are acting now, and corporate custodians of sensitive information will be sure to follow.
