When it comes to cybersecurity, hope is not a strategy
Any robust cybersecurity strategy should include both prevention and protection solutions. Prevention technologies, like traditional firewalls, threat monitoring, anti-ransomware and anti-malware, are designed to stop attacks from penetrating business systems. However, history tells us that these solutions alone do not provide a sufficient level of data protection.
The recent SolarWinds attack was a wake-up call for many. A failure to prevent the malware attack compromised critical systems across hundreds of businesses and exposed millions of data records. The attack was a particularly effective example of what has become an increasingly common occurrence: a state-sponsored event. With almost unlimited resources, rogue states can deploy attacks on a larger scale than we have ever seen before.
The evolving threat landscape demands a new security mindset. IT professionals should start from the standpoint that a breach is inevitable. When (not if) a breach occurs, how do you ensure the integrity and privacy of your data? The answer lies in the strongest encryption – end-to-end encryption – protecting data not just when it is at rest, but as it moves across public and private network infrastructures.
Cybersecurity in a connected world
Deploying best practice, high-assurance encryption across your core network infrastructure is just the beginning. In a connected world, organisations need to be able to extend data protection all the way to the network edge. This means protecting remote and mobile workers, securing IoT devices and extending protection both up and down the supply chain.
Your security policy is only as strong as its weakest link. Supply chain vulnerabilities have been responsible for some of the most significant and highest-cost cybersecurity incidents in recent years. End-to-end encryption of network-transmitted data, encrypted file-sharing applications, and proactive anti-malware and anti-ransomware protection should be implemented across the digital landscape.
Preparing today for tomorrow’s threats
Securing your digital enterprise against today’s conventional cyberattacks addresses just one part of an evolving threat landscape. IT security professionals and C-suite stakeholders now recognise the impending impact of the quantum computer. Cybersecurity technologies are already evolving to address future challenges, incorporating quantum-resistant encryption algorithms, quantum random number generation and quantum key generation/distribution.
There have been rumours that advocates for quantum-resistant encryption (QRE) have butted heads with advocates for quantum key distribution (QKD) over how best to defend against the quantum threat. The reality is that both will have a role to play in securing the infrastructure of tomorrow.
Quantum random number generation is a source of genuine entropy (randomness) and will make encryption keys stronger. QKD is an excellent way to ensure forward secrecy but has some physical limitations at present. Quantum-resistant algorithms will form the basis of next-generation encryption solutions. NIST has made a great deal of progress in shortlisting its algorithms, but agreement on standardisation is yet to be finalised. As with the current combination of prevention and protection technologies, a quantum-resistant security strategy will leverage the best that quantum technology has to offer.
Whilst a commercially viable quantum computer may still be 5-10 years in the future, quantum-resistant technologies are available today and have already been proven in real-world applications. Why should we be investing in quantum-resistant encryption today? Much of the sensitive or personally identifiable data travelling across today’s network infrastructure has long-term value, so it requires long-term protection. The more patient amongst the cybercriminal community could capture and store data today and decrypt it when the technology becomes available.
Earlier this year, Senetas announced its first Quantum Resistant Encryption solution. Agile by design, it is compatible with the best of today’s classical encryption algorithms plus the NIST shortlisted quantum-resistant algorithms, delivering long-term data protection in a post-quantum era.