{"id":160576,"date":"2025-09-22T07:56:11","date_gmt":"2025-09-22T07:56:11","guid":{"rendered":"https:\/\/www.newsbeep.com\/au\/160576\/"},"modified":"2025-09-22T07:56:11","modified_gmt":"2025-09-22T07:56:11","slug":"what-it-leaders-need-to-know","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/au\/160576\/","title":{"rendered":"what IT leaders need to know"},"content":{"rendered":"<p><img decoding=\"async\" alt=\"Preparing for the post-quantum world: what IT leaders need to know\" title=\"Preparing for the post-quantum world: what IT leaders need to know\" class=\"img-thumbnail img-right\" src=\"https:\/\/www.newsbeep.com\/au\/wp-content\/uploads\/2025\/09\/1758527771_705_..jpg\"\/><\/p>\n<p>For decades, the security of the digital world has rested on public-key cryptography. Algorithms like RSA and elliptic curve cryptography (ECC) keep everything from online banking to government communications safe. But advances in quantum computing threaten to undermine this foundation. While today\u2019s quantum computers cannot yet break RSA or ECC in practice, it is fully expected that in the near future they will do so. The possibility of \u2018harvest now, decrypt later\u2019 attacks \u2014 where adversaries capture encrypted traffic and data today and wait to decrypt it once quantum machines arrive \u2014 makes the problem urgent now, not some day in the future.<\/p>\n<p>At DigiCert\u2019s 2025 World Quantum Readiness Day held on 10 September, company CEO Dr. Amit Sinha warned that the technology will soon trigger a breakthrough moment similar to ChatGPT.<\/p>\n<p>\u201cOne day you\u2019ll wake up and realise the disruption has already happened. The big tech firms like Google, Microsoft, and AWS are racing for quantum supremacy, and the pace of advancement is staggering,\u201d he said.<\/p>\n<p>\u201cMoving to quantum is a huge change for organisations, and whenever people and organisations are faced with a big change, they usually go through the five stages of grief: denial, bargaining, anger, depression, and acceptance,\u201d he added. \u201cToday, 24% of organisations are still in denial about the risks of quantum computing. Our goal with the Quantum Readiness Day event is to help them move toward acceptance, because this is the year that shift must happen.\u201d<\/p>\n<p>Bringing together a distinguished panel of experts from industry, government, and academia, the Quantum Readiness Day event underscored the urgency of migration as regulators across Australia set accelerating deadlines and guidance for post-quantum cryptography (PQC).<\/p>\n<p>Action and the cost of inaction<\/p>\n<p>The global response to the issue has been ongoing for some years. Governments, standards bodies, and industry have been working together to prepare a new generation of PQC algorithms. For IT leaders, the challenge is no longer about whether PQC will matter, but about when and how to begin the migration.<\/p>\n<p>Speakers at the event stressed that delaying action will only increase risks and costs.<\/p>\n<p>\u201cEvery month you delay the transition, the risks compound. The expense of emergency migration under pressure will far outweigh the investment of starting early,\u201d said Lakshmi Hanspal, Chief Trust Officer at DigiCert. Colin Soutar, Deloitte\u2019s Global Quantum Cyber Readiness Lead, agreed: \u201cOrganisations that wait will end up paying more, financially, operationally, and reputationally.\u201d<\/p>\n<p>Where the standards stand<\/p>\n<p>The US National Institute of Standards and Technology (NIST) has been leading the charge with a multi-year competition to evaluate and standardise quantum-resistant algorithms. After five years of global review, NIST announced the first set of algorithms in 2022, and draft standards were published in 2024. These include new public-key schemes for both encryption (key exchange) and digital signatures.<\/p>\n<p>The first algorithms expected to see widespread adoption are ML-KEM (short for Module Lattice Key Encapsulation Mechanism) and ML-DSA (Module Lattice Digital Signature Algorithm), which grew out of a family of algorithms known for their strong security properties and efficient performance. NIST has chosen these and other algorithms to replace or complement existing schemes like RSA and ECC. Further candidates are still being evaluated in a \u2018fourth round\u2019, ensuring that backup options exist if weaknesses are found.<\/p>\n<p>William Whyte, Senior Director of Technical Standards at Qualcomm, explained that these standardised algorithms are not vulnerable to quantum attacks and will become widely used alternatives to today\u2019s RSA encryption. But Dr. Taher Elgamal, cryptographer and father of SSL, cautioned that organisations should not assume this will be the final solution.<\/p>\n<p>\u201cThe migration from RSA to ML-DSA will not be the last. Agility is the way forward,\u201d he said.<\/p>\n<p>What a migration looks like<\/p>\n<p>Moving to PQC is not just a technical upgrade \u2014 it\u2019s a program of change management that touches people, processes, and suppliers. IT managers should think of it as a staged journey rather than a single project.<\/p>\n<p>The first step is visibility. Most organisations do not have a complete inventory of where and how cryptography is used. It shows up in obvious places like VPNs, TLS connections, and digital certificates, but also in software updates, document signing, secure email, and the protection of data at rest. Mapping these dependencies is essential for planning a phased migration.<\/p>\n<p>Next comes prioritisation. Not all data has the same sensitivity or lifetime, and systems that handle long-lived sensitive data should be at the top of the list for quantum-safe protection. With a clearer picture in hand, organisations can begin introducing crypto-agility \u2014 the ability to swap cryptographic algorithms without a major redesign.<\/p>\n<p>The next step is pilot deployment. Many vendors and open-source projects now offer versions of their products that support hybrid post-quantum algorithms. Running pilots in controlled environments allows IT teams to measure performance, test interoperability, and train staff without exposing production systems to unnecessary risk.<\/p>\n<p>Experts urge APAC organisations to act<\/p>\n<p>Quantum computing is one of those technological shifts that moves from speculative to inevitable almost overnight. For cybersecurity, the shift is already underway. The fact that international standards exist, widely supported libraries are available, and vendors are beginning to ship hybrid solutions tells us that the transition has begun.<\/p>\n<p>As APAC organisations face rapidly accelerating expectations and guidelines around quantum readiness, the event\u2019s timing and focus could not be more critical.<\/p>\n<p>\u201cOur team at DigiCert aligns with the Australian Government\u2019s 2023\u20132030 Cyber Security Strategy, which identifies quantum threats as a resilience priority, and we are encouraged by the broader ecosystem\u2019s progress in advancing PQC through research and pilots that will accelerate sector-wide adoption,\u201d said Daniel Sutherland, DigiCert Regional VP ANZ.<\/p>\n<p>DigiCert has reaffirmed its commitment to leading this effort by delivering tools, roadmaps, and collaborative frameworks that empower organisations, anchored by its DigiCert ONE platform. Designed to give organisations the agility to adapt as cryptographic standards evolve, DigiCert ONE supports the latest post-quantum algorithms and helps enterprises prepare and manage the complex transition.<\/p>\n<p>Image credit: iStock.com\/blackdovfx<\/p>\n","protected":false},"excerpt":{"rendered":"For decades, the security of the digital world has rested on public-key cryptography. Algorithms like RSA and elliptic&hellip;\n","protected":false},"author":2,"featured_media":160577,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[106518,64,63,257,66697,106519,106520,105,106521],"class_list":{"0":"post-160576","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-computing","8":"tag-amit-sinha","9":"tag-au","10":"tag-australia","11":"tag-computing","12":"tag-digicert","13":"tag-post-quantum-cryptograhy","14":"tag-pqc","15":"tag-technology","16":"tag-world-quantum-readiness-day"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/posts\/160576","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/comments?post=160576"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/posts\/160576\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/media\/160577"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/media?parent=160576"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/categories?post=160576"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/tags?post=160576"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}