Credit: sakkmesterke/Shutterstock Technology giant IBM has debuted a new set of tools and capabilities designed as an end-to-end, quantum-safe solution to secure organizations and governmental agencies as they head toward the post-quantum computing era. Announced at its annual Think conference in Orlando, Florida, Quantum Safe technology combines expertise across cryptography and critical infrastructure to address the potential future security risks that quantum computing poses, according to the company. IBM also unveiled the Quantum Safe Roadmap to guide industries along their journey to post-quantum cryptography.Security experts and scientists predict that quantum computers will one day be able to break commonly used encryption methods rendering email, secure banking, cryptocurrencies, and communications systems vulnerable to significant cybersecurity threats. Organizations, technology providers, and internet standards will therefore soon be required to transition to quantum-safe encryption.NATO has already begun testing quantum-safe solutions to investigate the feasibility and practicality of such technology for real-world implementations while the US National Institute of Standards and Technology (NIST) launched a competition to identify and standardize quantum-safe encryption algorithms. Furthermore, the US National Security Agency (NSA) announced new requirements for national security systems to transition to quantum-safe algorithms by 2025, and the White House released requirements for federal agencies to submit a cryptographic inventory of systems that could be vulnerable to cryptographically relevant quantum computers. New capabilities prepare for post-quantum era in three waysIBM’s new set of capabilities is designed to help clients prepare for the post-quantum era in three key ways, the firm said in a press release: IBM Quantum Safe Explorer enables organizations to scan source and object code to locate cryptographic assets, dependencies, vulnerabilities, and build a cryptography bill of materials (CBOM) that allows teams to view and aggregate potential risks into one central location.IBM Quantum Safe Advisor allows the creation of a dynamic or operational view of cryptographic inventory to guide remediation, analyzing cryptographic posture and compliance to prioritize risks.IBM Quantum Safe Remediator enables organizations to deploy and test best practice-based quantum-safe remediation patterns to understand the potential impacts on systems and assets as they prepare to deploy quantum-safe solutions.IBM Quantum Safe Roadmap charts milestones toward quantum-secure technologyThe IBM Quantum Safe Roadmap is IBM’s first blueprint that charts the technology milestones toward advanced quantum-safe technology, engineered to help organizations address anticipated cryptographic standards and requirements, and protect systems against emerging vulnerabilities, the firm stated. IBM said this is comprised of three key actions:Identify cryptography usage, analyzing dependencies, and generating a CBOM.Analyze the cryptography posture of vulnerabilities and prioritize remediation based on risks.Remediate and mitigate with crypto-agility (the ability to switch quickly between encryption mechanisms such as algorithms and cryptographic primitives while minimizing the impact on other systems) and built-in automation.Quantum-safe encryption key to addressing quantum threatsQuantum-safe encryption is key to addressing the quantum-based cybersecurity threats of the future. Organizations are well advised to get ahead of the quantum-safe encryption curve, starting with understanding what data has the longest life and how this might be at risk from future threats. Companies that struggle should focus on identity, because even if they secure all their encryption, if someone can access their identity system, then anyone can gain “legitimate” access to systems and infrastructure. Setting up years-to-quantum (Y2Q) migration as a bespoke project and giving it the firepower it needs to ensure success and a smooth transition is another key step, as is adopting a crypto-agile approach when thinking about any infrastructure overhaul. This means that organizations should use solutions that keep the tried and tested classical cryptography used today alongside one or more post-quantum algorithms, offering greater assurance against both traditional attacks and future threats. Related content brandpost Sponsored by Microsoft Security Building an AI strategy for the modern SOC Transforming SOC teams with the power of AI—identify the highest risk areas, cybersecurity maturity, existing architecture and tools, and budgetary constraints…just to name a few. By Microsoft Security May 23, 2024 5 mins Security news Tracking manual attacks may deliver zero-day previews According to analysis from LexisNexis, human-based digital fraud attacks are increasing more quickly than bot-based attacks — a difference CISOs should leverage for their defenses. By Evan Schuman May 23, 2024 4 mins Cyberattacks Fraud Cybercrime news analysis Microsoft amps up focus on Windows 11 security to address evolving cyberthreats In addition to its Copilot+ secure-cored PC, the company announced enterprise security enhancements, admin privilege changes, and the deprecation of legacy authentication protocols. By Lynn Greiner May 23, 2024 7 mins Windows Security news LockBit no longer world’s No. 1 ransomware gang After dominating for eight months, LockBit has been overtaken by ransomware gang Play in the wake of a law enforcement crackdown and unmasking of LockBit’s alleged creator. By Viktor Eriksson May 23, 2024 2 mins Ransomware Cybercrime PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe