Quantum computing: The data security conundrum

By Clyde Williamson, Chief Security Architect, and Nathan Vega, Vice President, Product Marketing and Strategy at Protegrity

One of the biggest challenges of digital technology today is around security systems and data. In response to this, sophisticated algorithms have been designed to encrypt data and protect it through frameworks known as symmetric cryptography. While this has proven successful, advancements in quantum computing – which utilises quantum mechanics to solve complex problems faster than conventional computers – could potentially turn data security on its head.

IBM, Microsoft and Google have already turned their attention to quantum computing and, as a result, commercially viable quantum computers are not too far from becoming a reality.  In fact the global quantum computing market size in terms of revenue was estimated to be USD 866 Million in 2023 and is poised to reach USD 4,375 Million by 2028, growing at a CAGR of 38.3% from 2023 to 2028. This is raising concerns that these computers might pose a threat to current public-key cryptography algorithms and potentially expose sensitive data. As such, data security needs to be a step ahead, with more advanced cryptographic algorithms that minimise potential risks and ensure the safeguarding of data in a quantum computing world.

A crack in our data security

Quantum-resistant data security is a concern as current approaches to data protection use algorithms that traditional computing power would take several years to crack. The improved processing power of quantum computing would, however, reduce this time significantly and its ability to solve mathematical problems and speed up certain complex mathematical computations could result in the encryption algorithms that we use becoming obsolete. This would create risk detrimental to businesses, universities, governments and more.

This is supported by a Forrester study that anticipates that quantum computers will be able to crack all current cryptosystems in the next five to 30 years, with a majority claiming there is an up to 70% chance of this occurring in the next 5 years. As such, it is no wonder that Gartner has stressed the importance of preparing for quantum’s impact by encouraging the promotion of privacy-enhancing technologies in anticipation of the quantum era. This is a valid suggestion as some classical cryptography algorithms will not be able to stand up against quantum computing’s processing abilities and will succumb to a brute-force assault.

However, while quantum computing is widely considered a potential risk for data security, it could potentially also be a part of the solution, as quantum cybersecurity may provide a more robust and compelling opportunity to safeguard critical data.

Quantum cyber security

According to IBM, quantum computing can aid in providing a more robust way to safeguard critical data than current offerings. In particular, quantum machine learning and quantum random number generation are believed to provide a viable solution to securing data while at the same time wielding the power to detect and deflect quantum-era cyberattacks before they can cause harm.

As encryption is often a key component of data security, adopting quantum-resistant cryptography will be critical to protecting people and adhering to privacy regulations. However, as quantum computing is not widely used as yet, it is unlikely that we will be able to harness quantum computing power to develop a quantum-proof approach to data security for a few years. Thus, before quantum computing becomes widely adopted, most likely as Quantum-Computing-as-a-Service, it is critical to stay a step ahead of the potential threat and develop a quantum-proof solution now, rather than wait for quantum computers to break the current data encryption models.

A quantum-proof approach to data security

To prepare for the quantum revolution, companies need to assess their cyber security infrastructure and identify potential vulnerabilities to quantum computing. Some traditional forms of data security will be made obsolete with the mass rollout of quantum computing, however, it’s believed others are capable of withstanding the potential threats of this evolving technology.

Tokenization, which uses randomization to substitute a real value for a token that conceals that value, is believed to be a viable data security option against quantum computing. This randomization is a powerful data security tool which, unlike key-based encryption that uses mathematical formulae or proofs to ensure the integrity of the algorithm, stores data with random but reversible tokens which cannot be decrypted with a mathematical solution.

Furthermore, tokenization substitutes the real value with a token consistently across the enterprise which means that data can be joined in a protected state to power AI, ML, data analytics initiatives and other applications that require data from multiple siloes to drive business outcomes.

Preparing for the quantum future

The emergence of quantum computing is a double-edged sword. While it is expected to bring groundbreaking possibilities to data security, the risks it poses are equally concerning. As such, preparation for its arrival needs to be done today to keep data secure in the future. This is supported by IBM, which states that while quantum computers are not yet commercially available, there are significant advantages to initiating quantum-proof cybersecurity solutions now.

This is particularly true as terrorist networks have access to the same technologies that businesses do. While businesses may use these tools to improve customer experiences and drive down costs, malicious actors will use them to gain access to data for other purposes. Already it is believed that threat actors are scraping data, which means they are stealing and holding onto data until quantum computers are more easily available to decrypt it. To overcome this challenge, companies need to be implementing quantum-proof solutions today to ensure data remains secure well into the future.

Securing data today

Although much is unknown about the impact quantum computing will have, we do know that we cannot wait for it to become commercially available before implementing more stringent security measures to withstand the threat of its computing power. As such, investing in data security today is critical to safeguarding data against emerging threats such as those presented by quantum computing.

To mitigate future privacy threats, companies need to rethink how they keep data secure. While quantum computing and data scientists are working to develop solutions that could potentially be quantum-proof, companies stand to benefit from implementing solutions today that are considered secure against threat actors and quantum computing alike as a first step to implementing a multi-layered approach to future-proofing data security.

LEAVE A REPLY

Please enter your comment!
Please enter your name here