The Securities and Exchange Commission (SEC) warns of a potential future breach of the cryptography system used to protect personal information. This threat could affect any data that relies on encryption, from investment application passwords to critical investment data.

The Information Technology Risk Supervision and Inspection Division of the Securities and Exchange Commission (SEC) reported that: "Quantum Risk" is no longer a distant concern. It could also affect the cryptography system[1] used to protect personal information in the future. This threat could affect any data that relies on encryption, from investment application passwords to critical investment data. The impact on users could be both their personal information and wealth being exposed or stolen. On the service provider side, reputational, credibility, and potentially immeasurable financial losses are devastating. This presents a challenge for today's financial industry.

Quantum computing's capabilities could pose a threat to the public-key cryptography mechanisms used by most organizations, such as RSA and ECC[2], which are the heart of secure internet transactions and the protection of sensitive data. Once quantum computing becomes commercially accessible, Any encryption algorithm that cannot withstand quantum decryption (quantum-resistant algorithms, also known as quantum-safe) will be as fragile as an open safe. Quantum risks are a global concern, and international cybersecurity organizations have developed two main approaches to counter them:

1. Post-Quantum Cryptography (PQC), a software-based defense that creates new encryption systems using mathematical principles that even quantum computing would take thousands of years to crack. Examples include multivariate techniques that use highly complex equations with multiple variables.

2. Quantum Key Distribution (QKD), a hardware-based defense that utilizes the principles of physical quantum to create a completely secure communication channel between the sender and receiver. This allows QKD to detect any attempted eavesdropping. However, QKD requires specialized infrastructure and is limited by distance, making it suitable for specific applications requiring maximum security.

Geopolitical tensions and national security motivations are another factor accelerating the potential for quantum computing to arrive sooner than expected. As major powers accelerate their investments and push forward with the development of this technology to seize the upper hand, the first nation to develop quantum computing that can decode its competitors' code will gain a complete advantage in economics, security, and intelligence. This acceleration could lead to a faster-than-expected "future." Therefore, we cannot assess the speed of quantum computing's arrival based solely on commercial factors. While many organizations view quantum computing as still in the laboratory and a distant prospect, some say it will be another 10-20 years before commercial use is possible.

Advances in AI are also impacting the development of quantum computing, boosting the technology's potential for faster commercialization. For example, the launch of Microsoft's QPU (Quantum Processing Unit), named Majorana 1, is small in size but offers processing power several times higher than that of a supercomputer. Although this QPU has not yet been commercially deployed, it demonstrates progress and is imminent.

Many organizations may question, "Is quantum computing still in development?" Why bother or worry now? The answer lies in the concept of "Harvest Now, Decrypt Later" (HNDL), which captures data and waits for a future time when quantum computing can decrypt it. This means that data that is secure today, whether it's customer information, legal documents, past financial transactions, or even passwords (key algorithms), may no longer be secure in the future. Therefore, organizations should assess the risks and develop data protection plans today, not waiting until quantum computing becomes widely available commercially.

Furthermore, the damage isn't limited to the day encrypted data is stolen. That encrypted data could become a book that can be read 5-10 years from now. The key question for executives is therefore not "Is the organization's data encrypted?" but "Is the organization's current encryption robust enough to withstand the future capabilities of quantum computing (Quantum-Safe)?" If the answer is "no," then all data that is considered secure may have an expiration date, as it could be decrypted in the future.

The transition to the quantum era may seem daunting and daunting. It's similar to the Y2K era, but the most important and immediate starting point is a data risk assessment, with "time" as the key dimension. This begins with understanding the data you have and prioritizing it as follows: 1. Data Inventory: What data is stored? Where is it stored? And how is it protected? 2. Security Shelf-Life Assessment: Organizations should consider "how long must each type of data remain confidential?" "If the data the company holds is about to become compromised,"

Go To Lead