October is renowned for being the scariest time of the year and for good reason. The nights are longer, the days are colder, and many people find themselves without a costume for that Halloween party they thought was such a good idea to RSVP to a few weeks ago.
And while commercially interrupted reruns of campy horror films may give some of us quite the fright, for cyber enthusiasts, I dare say something else more sinister is on the far-off horizon. But it is coming. It is coming for us all!!
This horror is formless, daunting, and irrepressible. We can’t see it, touch it, or feel its presence, but when it is upon us our understanding of known physics will be forever altered!
What could possibly inspire such palpable fear in the hearts of today’s cyber defenders? Nothing other than the END… That is, the end of classic computing and the ushering in of a novel set of risks (and opportunities!) in a Post-Quantum Computing (PQC) world.
But we, in financial services, are risk managers by nature. We don’t shy away from a challenge. We embrace it. We identify, analyze and control risk. We game plan every possibility and limit potential downside impact.
Just because something is scary doesn’t mean we are paralyzed with fear.
And in the spirit of strong risk management practices, BITS-BPI is announcing the availability of the Quantum Risk Calculator (QRC).
The QRC is a tool designed to help any person or company better understand how a Post-Quantum Computing future may impact data and applications reliant on cryptography such as encryption, hashing and signatures.
The tool requires four questions to be answered so some quick research may be required.
• How long must your data be secured? Typically, this can be answered by regulatory statute or company policy.
• How long would you estimate the change control process to take for the application or data? Think about how long it took some firms to be fully prepared for Y2K.
• When will Quantum Computing become mainstream? This is a best guess as no one knows the correct answer just yet. If you are unsure, consider estimating large-scale quantum computing being available 2031.
• And lastly, what sort of encryption is being used? Symmetric, Asymmetric or Hash algorithms.
Further information about how to best answer these questions can be found by clicking the corresponding buttons via the web app.
Using these four answers we calculate the immediacy of the problem (if any) and provide short and long terms ideas about how to manage the issue and ultimately mitigate the risk going forward. At the end, we will offer you the opportunity to save a PDF of the results for your records (don’t worry, we don’t save any identifying data on our side–all calculations are anonymous).
Now instead of being haunted by a PQC world, you can prepare for it. Instead of hoping the problem is too far off, you now know when action needs to be taken. Instead of thinking the problem is intractable, now you can build a strategy to reduce your risk.
Should Quantum Computing keep you up at night? Take the challenge by visiting https://quantum.bpi.com/ from any web browser or mobile device.