Banking regulators have alerted the financial industry to begin developing plans to mitigate quantum computing risks immediately.
A report by the G7 Cyber Expert Group (CEG), chaired by the US Department of the Treasury and the Bank of England, emphasizes the potential cybersecurity threats posed by advancements in quantum computing and outlines necessary actions for financial authorities and institutions to tackle these challenges.
One critical concern raised is the ability of advanced quantum computers to break current cryptographic encryption mechanisms that safeguard customer data and IT systems.
“While the exact timeline for developing quantum computers with these capabilities is uncertain, there is a real possibility that such capabilities could emerge within a decade,” the report states. “These quantum computers would not only jeopardize future data but also any previously transmitted data that cyber adversaries may have intercepted and stored for later decryption using quantum technology. Given the potentially long lead times to implement quantum-resilient technologies, the time to start planning is now.”
Recently, the National Institute of Standards and Technology (NIST) released an initial set of quantum-resilient encryption standards, with more expected to follow. Financial institutions are encouraged to stay agile and incorporate these new standards in a timely manner as they become available.
As new standards emerge, some financial entities may already be positioned to implement the necessary changes to their systems to adopt quantum-resilient technologies. Others may rely on vendors and third parties to integrate the required safeguards.
Regardless of their starting point, the G7 CEG strongly urges banks to enhance their understanding of the issues and risks involved, as well as to develop strategies for mitigating these risks.