So as part of our assignment this week, I chatted with a bunch of people at the ISACA event and one of the conversations I had with an ISACA member was what concerns you about cyber security now or in the future? And the answer I got was about how we might have good encryption standards now but in the future if China or an adversary gets there hands on it, in 5-10 years with Quantum computing they will easily be able to own the data. This turned in to talking about how we need to adopt Quantum computing sooner than later to prevent this threat in the future. In fact I ran into this article that talks about this topic.
https://www.technologyreview.com/s/612509/quantum-computers-encryption-threat/
This article basically talks about how complacency is a mistake and how we need to start working on standards and encryption methods that can’t be cracked by quantum computers. They see the hard part is getting everyone to agree to this standards and the hope is that its going to take a long time for a malicious user to get there hands on quantum computing.
On a side note, the event was very nice, and a great experience to network with others in the field.
I think the conversation you held at the event was a good one. This is something I have wondered about as well with quantum computers. A lot of our encryption comes with statements like, “this would take 1000 years to crack” or, “the effort to crack this encryption far exceeds value over time.” That measurement is based solely on the computers of today and perhaps the immediate foreseeable future. With quantum computers… we technically know nothing. Those with some familiarity are suggesting they could crack some of our current hardest encryptions in 24 hours. That is a huge downgrade from 1000 years. Quantum computers and AI are two things that we might not yet be prepared for like Pandora Box or the Ark of the Covenant.