Latest News

Firms have until 2031 to switch to post-quantum cryptography, under new NCSC timeline

By Dalvinder Kular

The National Cyber Security Centre (NCSC) has published a timeline for organisations to ensure they can efficiently protect themselves against quantum-based cyber hacks.

The security agency, which is part of GCHQ, emphasised the importance of post-quantum cryptography (PQC), a new type of encryption designed to safeguard sensitive information from future risks posed by quantum computers.

The organisation says that by 2028, companies should both identify the cryptographic services that need upgrades and build a migration plan.

From 2028 to 2031, the NCSC said firms should execute high-priority upgrades and refine plans as PQC evolves.

By the third phase of the timeline from 2031 to 2035, all organisations should have completed migration to PQC for all systems, services and products.

Current encryption programmes rely on mathematical problems that current-generation computers struggle to solve. Quantum computers have the potential to solve these problems much faster, making current encryption methods insecure.

The NCSC said that migrating to PQC will help organisations stay ahead of this threat by deploying quantum-resistant algorithms before would-be attackers have the chance to exploit vulnerabilities.  

New guidance from the organisation aims to ensure that migration is smooth and controlled to avoid rushing and potential gaps in security.

The NCSC said that for many SMEs, migration to PQC will be routine, as service and technology providers will deliver it as part of their normal upgrades.

However, for some larger organisations, PQC will require planning and significant investment.
NCSC chief technical officer Ollie Whitehouse said that as quantum technology advances, upgrading collective security is “essential.”

“Quantum computing is set to revolutionise technology, but it also poses significant risks to current encryption methods,” he added. “Our new guidance on post-quantum cryptography provides a clear roadmap for organisations to safeguard their data against these future threats, helping to ensure that today's confidential information remains secure in years to come.”


Share Story:

Recent Stories

Deutsche Bank bets on automated governance tech in $10m funding round

Firms have until 2031 to switch to post-quantum cryptography, under new NCSC timeline

Google Wallet lets children make payments with new feature


Sanctions evasion in an era of conflict: Optimising KYC and monitoring to tackle crime
The ongoing war in Ukraine and resulting sanctions on Russia, and the continuing geopolitical tensions have resulted in an unprecedented increase in parties added to sanctions lists.

BANNER

Achieving operational resilience in the financial sector: Navigating DORA with confidence
Operational resilience has become crucial for financial institutions navigating today's digital landscape riddled with cyber risks and challenges. The EU's Digital Operational Resilience Act (DORA) provides a harmonised framework to address these complexities, but there are key factors that financial institutions must ensure they consider.

Legacy isn’t the enemy: what FSIs can do to keep their systems up and running
In this webinar we will examine some of the steps FSIs have already taken to rigorously monitor and test systems – both manually and with AI-powered automation – while satisfying the concerns of regulators and customers.

Optimising digital banking: Unifying communications for seamless CX
In the digital age, financial institutions risk falling behind their rivals if they fail to unite fragmented communications ecosystems to deliver seamless, personalised customer experiences.

This FStech webinar sponsored by Precisely explores vital strategies to optimise cross-channel messaging through omnichannel orchestration and real-time customer data access.

© 2019 Perspective Publishing     Privacy & Cookies