DATA & ANALYTICS
‘ post-quantum ’ levels of encryption on data when other parts of the business are exposing easily exploitable vulnerabilities .”
“ It ’ s really important that we recognise that , even with good data security practices today , it ’ s often weaknesses in other areas that potentially leave the organisation exposed ,” he describes . “ Security teams need processes in place to continuously assess certificates – know where old certificates and standards are stored and update when they can ,” he says .
It ’ s also imperative that security teams remain up to date with emerging capabilities and retrospectively address introduced weak or broken security practices – such as outdated encryption standards .”
Cheng , meanwhile , recommends a more radical approach : creating an end-to-end infrastructure that ’ s quantum-safe ‘ by design ’. This would include everything from quantumproofing your identity access management
ANDERSEN CHENG TITLE : CEO COMPANY : POST-QUANTUM LOCATION : UNITED KINGDOM
Cheng is the CEO of Post-Quantum , a cyber security company focusing on quantum-safe security and identity solutions . He was previously COO of the Carlyle Group ’ s European venture fund and a founding member of LabMorgan , the Fintech1.0 investment unit of JP Morgan . system to utilising a quantum-safe VPN . Cheng advises businesses to think about “ crypto-agility , backward compatibility , and hybridisation ” as they migrate to post-quantum cryptography ( PQC ).
“ For example , the Internet and Engineering Taskforce ( IETF ) recently created a new VPN standard that helps specify how VPNs can exchange communications securely in the quantum age . The novel approach prioritises interoperability by making it possible for multiple post-quantum and classical encryption algorithms to be incorporated into VPNs , ensuring no disruption to the functioning of existing IT systems , and 104 November 2023