DigiCert Study: Preparing for a Safe Post-Quantum Computing Future in APAC

Avatar photo
Business Intelligence

IT leaders in APAC are sounding the alarm about the need to invest now in quantum-safe transition planning; lack of clear ownership, budget or executive support are obstacles in path to preparation. 

NEWS HIGHLIGHTS

The global study reveals that 61% of those surveyed are concerned that their organization will not be prepared to address the security implications of PQC. 74% of organizations are concerned that bad actors can conduct “harvest now, decrypt later” attacks now, in which they collect and store encrypted data with the goal of decrypting it in the future.It also shows that IT leaders believe that cyberattacks are becoming more sophisticated (60%), targeted (56%) and severe (54%). In APAC specifically, IT leaders also expressed concern about the timeframes in which to prepare. 39% say that their organizations have less than five years to get ready. The biggest challenges are not having enough time, money and expertise to prepare, with almost half of respondents saying that organizations’ leadership is only somewhat aware or not aware about the security implications of quantum computing.53% of APAC respondents currently have a strategy (19% percent) or will have in the next six months (34%) to address the security implications of quantum computing. Many organizations are in the dark about the characteristics and locations of their cryptographic keys. Slightly more than half of respondents globally (52%) say their organizations are currently taking an inventory of types of cryptography keys used and their characteristics.

SINGAPORE, Oct. 19, 2023 /PRNewswire/ — Today, at its annual Trust Summit conference, DigiCert released the results of a global study exploring how organizations are addressing the post-quantum computing threat and preparing for a safe post-quantum computing future. Key findings reveal that while IT leaders are concerned about their ability to prepare in the timeframes needed, they are hampered by obstacles which include lack of clear ownership, budget, and executive support.

Quantum computing harnesses the laws of quantum mechanics to solve problems too complex for classical computers. With quantum computing, however, cracking encryption becomes much easier, which poses an enormous threat to data and user security.  

“PQC is a seismic event in cryptography that will require IT leaders to begin preparation now. Forward-thinking organizations that have invested in crypto agility will be better positioned to manage the transition to quantum-safe algorithms when the final standards are released in 2024,” said Amit Sinha, CEO of DigiCert.

“In the APAC region, where digital transformation is rapidly evolving, the need for quantum-safe cryptography is paramount. As industry bodies and governments drive progress, we urge businesses to prioritize their preparations for PQC to safeguard their data and maintain trust in an increasingly interconnected world,” said Armando Dacal, Group Vice President APJ at DigiCert.

Study Highlights

Ponemon Institute surveyed 1,426 IT and IT security practitioners in the United States (605), EMEA (428) and Asia-Pacific (393) who are knowledgeable about their organizations’ approach to post quantum cryptography.

Key findings from the study, sponsored by DigiCert, include:

Sixty-one percent of respondents say their organizations are not and will not be prepared to address the security implications of PQC.Almost half of respondents (forty-nine percent) say their organizations’ leadership is only somewhat aware (twenty-six percent) or not aware (twenty-three percent) about the security implications of quantum computing.Only thirty percent of respondents say their organizations are allocating budget for PQC readiness.Fifty-two percent of those surveyed say their organizations are currently taking an inventory of the types of cryptography keys used and their characteristics.

Key highlights in APAC include:

Thirty-nine percent of organizations say that their organizations have less than five years to get ready.Fifty-three percent of respondents currently have a strategy (19% percent) or will have in the next six months (34%) to address the security implications of quantum computing.Sixty-three percent of organizations do not have a centralized crypto-management strategy (23%) or they have a very limited one, only applied to certain applications or use cases (37%)

Challenges organizations face to be ready for a safe post quantum computing future

Key findings indicate that security teams must juggle the pressure to keep ahead of cyberattacks targeting their organizations while preparing for a post quantum computing future. Only fifty percent of respondents say their organizations are very effective in mitigating risks, vulnerabilities and attacks across the enterprise. According to the research, ransomware and credential theft are the top two cyberattacks experienced by organizations in this study.

Forty-one percent of respondents say their organizations have less than five years to be ready. The biggest challenges are not having enough time, money and expertise to be successful. Currently, only 30 percent of respondents say their organizations are allocating budget for PQC readiness.

Many organizations are in the dark about the characteristics and locations of their cryptographic keys. Only slightly more than half of respondents (52 percent) say their organizations are currently taking an inventory of the types of cryptography keys used and their characteristics. Only 39 percent of respondents say they are prioritizing cryptographic assets and only 36 percent of respondents are determining if data and cryptographic assets are located on-premises or in the cloud.

Very few organizations have an overall centralized crypto-management strategy applied consistently across the enterprise. Sixty-one percent of respondents say their organizations only have a limited crypto-management strategy that is applied to certain applications or use cases (36 percent), or they do not have a centralized crypto-management strategy (25 percent).

To secure information assets and the IT infrastructure, organizations need to improve their ability to effectively deploy cryptographic solutions and methods. Most respondents say their organizations do not have a high ability to drive enterprise-wide best practices and policies, detect and respond to certificate/key misuse, remediate algorithm remediation or breach and prevent unplanned certificates.

Organizations recognize they are lacking the expertise to stay out in front of post quantum requirements. As a result, hiring and retaining qualified personnel is the most important strategic priority for digital security (55 percent of respondents). This is followed by achieving crypto-agility (51 percent of respondents), which is the ability to efficiently update cryptographic algorithms, parameters, processes and technologies to better respond to new protocols, standards and security threats, including those leveraging quantum computing methods.

To be ready for post-quantum computing, organizations need to have a strategy that includes backing by senior leadership, visibility into cryptographic keys and assets, and centralized crypto-management strategies that are applied consistently across the enterprise with accountability and ownership.

Read the Full Report: Preparing for a Safe Post Quantum Computing Future

About DigiCert

DigiCert is a leading global provider of digital trust, enabling individuals and businesses to engage online with the confidence that their footprint in the digital world is secure. DigiCert® ONE, the platform for digital trust, provides organizations with centralized visibility and control over a broad range of public and private trust needs, securing websites, enterprise access and communication, software, identity, content and devices. DigiCert pairs its award-winning software with its industry leadership in standards, support and operations, and is the digital trust provider of choice for leading companies around the world. For more information, visit  www.digicert.com  or follow @digicert.

View original content to download multimedia:https://www.prnewswire.com/apac/news-releases/digicert-study-preparing-for-a-safe-post-quantum-computing-future-in-apac-301961506.html

SOURCE DigiCert

相關文章

國慶新型消費展現中國經濟活力

新華社瀋陽10月8日電(記者丁非白、崔師豪、洪可潤)小提琴、嗩呐、電吉他、架子鼓……在瀋陽方城文化旅遊區,一曲中西樂器現場合奏的《雲宮迅音》不僅吸引大量遊客駐足欣賞,還登上了抖音本地熱榜。

廣州白雲機場口岸出入境客流量突破1000萬人次

記者從廣州白雲邊檢站獲悉,中秋假期期間,廣州白雲機場口岸出入境客流量持續保持高位運行,查驗出入境旅客超8.3萬人次,截至16日21時,今年以來客流量正式突破1000萬人次,較2023年全年總量增長19%。

中秋節假期首兩日迎客217,816人次

今年內地中秋節假期為9月15日至17日。連假首日澳門接待出入境旅客逾24.8萬人次。

投入的員工,忠實的客戶 

澳門旅遊大學學者參與的一項研究顯示,了解員工投入度影響顧客忠實度的方式,可令酒店和旅遊業獲益。 

火熱暑期彰顯“流動中國”澎湃活力

新華社北京8月30日電 題:火熱暑期彰顯“流動中國”澎湃活力

英國《金融時報》:地緣衝突讓美歐軍工巨頭大斂財

新華社北京8月27日電 英國《金融時報》26日報道,延宕不止的烏克蘭危機等地緣政治衝突有可能讓美歐不少軍工巨頭在今後3年獲得創紀錄的現金收入。