British companies have a decade to shore up their digital defences to make way for a new wave of quantum-powered cyber attacks, the UK’s cybersecurity agency has warned.
The National Cyber Security Centre (NCSC) – part of GCHQ – issued guidance on Thursday for organisations to prepare for and protect against upcoming threats posed by future developments in quantum computing.
The NCSC has encouraged firms to adopt post-quantum cryptography (PQC), a novel form of encryption designed for a new generation of powerful computers.
As quantum computing develops, the agency has warned that bad actors could use devices thousands of times more powerful than traditional computers to bypass existing encryption systems, which are used to protect secure communications, banking information and other critical data.
Under the new guidance, the NCSC said over the next three years, organisations should identify cryptographic services that need upgrades, by 2031, they should execute high-priority upgrades and by 2035, all security systems should have migrated to PQC.
“Quantum computing is set to revolutionise technology, but it also poses significant risks to current encryption methods,” said NCSC chief technical officer Ollie Whitehouse.
“Our new guidance on post-quantum cryptography provides a clear roadmap for organisations to safeguard their data against these future threats, helping to ensure that today’s confidential information remains secure in years to come.”
For most small and medium-sized businesses, migrating to PQC security will be fairly routine, relying on the service of PQC specialised tech service providers. Larger organisations may have to put in place significant planning and investment, the NCSC has warned.
The new guidance is aligned with advice from the US to prepare cybersecurity systems against quantum threats over the next decade.
“This transition to new cryptographic standards will be the most significant technological shift we have faced this century,” said Dr Ali El Kaafarani, co-founder and CEO of post-quantum cryptography company PQShield.
“Failure to act over the next three, five and 10 years will potentially expose the UK’s cybersecurity infrastructure to attacks from global adversaries.”
Kaafarani said the transition to PQC will give the UK the “opportunity to tap into its deep pool of technical expertise to lead the world in quantum security through early adoption of the new standards.”
The UK is home to some of the world’s leading quantum technology firms, including Quantinuum, Riverlane and Oxford Ionics.
As many as 485 quantum-related patents have been filed in the UK since 2020, according to figures from the Intellectual Property Office.
Register for Free
Bookmark your favorite posts, get daily updates, and enjoy an ad-reduced experience.
Already have an account? Log in
