In 1912, the Titanic disaster revealed that ignoring warning signs can lead to catastrophic failure. Today, a similar threat exists for organizations. Instead of icebergs, the danger comes from quantum computers’ threat to modern encryption. 

In a recently published Insurance Thought Leadership article, Dr. Garfield Jones, SVP, Research and Technology Strategy at QuSecure, underscores the urgent need for organizations to migrate from classical cryptography to post-quantum cryptography (PQC) standards. He warns that failing to act now results in what he terms “cryptographic drift”. In other words, lack of course action drives the accumulation of cryptographic debt, increasing the risk of sensitive data exposure until it is too late to mitigate, much like the ignored warning signs before the Titanic disaster. 

Key Insights

• Cryptographically relevant quantum computers (CRQC) threaten widely used encryption schemes and drive “Harvest Now, Decrypt Later” attacks, where data collected today is decrypted with quantum computers later.
• Migration requires proactive planning: inventorying current encryption, migrating high-value assets to post-quantum cryptography standards, and upgrading to TLS 1.3.
• Implementing crypto-agility allows organizations to adopt new cryptographic standards and algorithms without overhauling existing systems. 

Why This Matters

The time to act on post-quantum cryptography is now. Government mandates and timelines continue to reinforce the urgency, and the warning signs are clear. By adopting post-quantum cryptography today, businesses can protect sensitive data, reduce cryptographic debt, and stay ahead of the quantum threat. Migrating too late leaves your cryptography and organization at risk, just like the Titanic.

Read the Full Article

Want to understand what’s at stake? Read Dr. Garfield Jones’ full insights on post-quantum cryptography in Insurance Thought Leadership.