GDIT Report: IT Decision-Makers Waking up to Quantum Reality

In a world increasingly reliant on digital infrastructure, a seismic shift is on the horizon. 

The advent of quantum computing, once a distant concern, has rapidly evolved into an imminent threat to global cybersecurity. 

Recent developments have catapulted this issue from the realm of theoretical worry to a pressing reality. Luckily, General Dynamics Information Technology (GDIT)’s recent study shows how IT leaders are waking up to that reality and are preparing their organisation’s security posture. 

The quantum breakthrough: a wake-up call

The cybersecurity community was recently jolted by a startling announcement from researchers. A team from Shanghai University claimed a significant breakthrough in using quantum annealing systems to attack classical encryption methods. 

The researchers utilised a D-Wave quantum annealing system to devise an attack on public key cryptography, focusing on Substitution-Permutation Network (SPN) structured algorithms. 

These algorithms form the backbone of widely-used encryption standards such as the Advanced Encryption Standard (AES). While the team successfully targeted a 22-bit key—far shorter than those used in real-world applications—the implications are profound, throwing previous timelines into disarray, accelerating the urgency for quantum-resistant solutions.

In light of this looming threat, organisations and government agencies are increasingly turning their attention to post-quantum cryptography (PQC).

IT leaders ideations

GDIT’s study reveals that 50% of federal IT leaders in the US are actively developing strategies to accelerate their transition to PQC.

The GDIT survey, titled "Quantum Waves", polled 200 experts and decision-makers across defence, civilian and intelligence agencies. 

It found that 35% of respondents are in the process of defining their plans and budgets for PQC readiness, indicating a growing awareness of the urgency to prepare for a post-quantum future.

However, the transition is not without its challenges. The study uncovered significant obstacles facing federal agencies in their PQC adoption efforts:

Industry efforts

Despite the challenges, the tech industry is not standing still. Major companies are taking significant steps to address the quantum threat:

IBM recently announced that two of its developed algorithms, ML-KEM and ML-DSA, have been standardised by the US National Institute of Standards and Technology (NIST) in a world first. 

Global telecom leader Telefónica has developed a quantum security architecture solution incorporating Quantum Key Distribution (QKD) and post-quantum cryptographic algorithms.

GDIT highlights that vulnerability management is key to facilitating the transition to this new quantum and PQC standards. 

According to the report, 44% of respondents identified vulnerability management as a top capability needed to discover, assess and manage cryptographic assets, prioritise risks and accelerate the PQC transition.

As quantum computers grow more powerful, the timeline for implementing quantum-safe security measures grows shorter. However, with continued investment, collaboration, and innovation across industries, the proactive steps taken by governments and enterprises mean that defence is being improved as diligently as attacks are being developed.

The key lies in continued investment, collaboration, and innovation across industries. As quantum computers grow more powerful, the timeline for implementing quantum-safe security measures grows shorter. However, with proactive steps being taken by governments and enterprises, defence is being improved as diligently as attacks are being developed.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand