IBM’s Vision for Security in the Quantum Era

By Charles King, Pund-IT®  February 8, 2023

Enterprise technology solutions are predicated on the knowledge that large scale businesses face continual, often evolving challenges. Most enterprise IT vendors’ offerings and services are designed to help clients successfully address existing problematic issues and situations. The best vendors have the foresight, skills and expertise to help enterprises effectively prepare for ever greater difficulties that lie just over the horizon.

A recent report from IBM’s Institute for Business Value (IBV), Security in the Quantum Era offers insights into how this process works. The report examines the potentially catastrophic dangers posed by cybercriminals, rogue states and other bad actors that have access to quantum-level tools. It also discusses what IBM is doing to address those issues and help enterprises secure their IT assets and infrastructures against quantum cyberthreats.

The benefits and dangers of quantum computing

The IBV report begins with a simple premise: “Quantum computing is evolving from the fantastical to the feasible.” On the upside, emerging quantum solutions could help solve intractable problems in areas like machine learning, materials science, pharmaceutical research and process optimization. If that future comes to pass, the potential scientific, social and business benefits are enormous and well worth pursuing.

However, like any technology, quantum tools can be leveraged for good or ill. A hammer can be used to build up or break down. Regarding that danger, the IBV report notes that in the wrong hands “quantum computing poses an existential risk to the classical encryption protocols that enable virtually all digital transactions.” As a result, commonplace trusted data encryption mechanisms such as RSA and ECC public-key cryptography (PKC) could be vulnerable, endangering organizations’ information and financial assets.

As the World Economic Forum stated last August, “Considering that the digital economy is estimated to be worth $20.8 trillion by 2025, the repercussions could be staggering.”

Another factor in this scenario is the long-term value of many forms of information, including data related to national security, business strategy, intellectual property, public infrastructure, medical records and product development. The IBV report suggests that those assets are potentially already subject to exfiltration in so-called “harvest now, decrypt later” attacks, with the intention of monetizing data once quantum decryption solutions are viable.

For organizations ranging from large enterprises to government agencies and entities to public utilities to telecommunications providers, preparing for future cyber-attacks backed with quantum-level cryptographic tools is vitally important.

Building “quantum-safe” cryptography strategies and solutions

What does the IBV report suggest enterprises should do to address these dangers?

  • Prepare for potential quantum threats by educating teams on quantum-safe cryptography and demonstrate how businesses can identify achievable near and long-term cryptographic goals.
  • Discover potential vulnerabilities by using quantum-safe cryptographic assessments, including how to develop and deploy a successful ecosystem for a common approach to data governance.
  • Transform business operations by performing analyses that can spot cryptographic dependencies between business-critical systems, thus leaving data vulnerable.
  • Observe the threat landscape by developing a dashboard to promote visibility and assessment.

IBM itself has been proactive in developing a host of advanced security offerings, including a suite of IBM Quantum Safe services that are designed to be resistant to quantum-based encryption cracking techniques. Those services are available for the IBM z16 mainframe launched last April, the industry’s first quantum-safe enterprise system.

In addition, IBM has spent years building a global team of top cryptography experts to spearhead quantum-safe schemes and preparation plans. The company contributed to developing three of the four algorithms chosen by the National Institute for Standards and Technology (NIST) for post-quantum cryptography standardization and was also a founding member of the GSMA Post-Quantum Telco Network Taskforce.

Final analysis

IBM’s work in quantum-safe offerings and services, along with its continuing investments in advanced security development, show the company doing what it does best. While many enterprise IT vendors tend to compartmentalize product teams and creation, IBM is highly focused on integrating software, infrastructure, data analytics and AI into workable new business solutions and services. Those are crucial to the thousands of enterprises that look to the company for help solving existing business-critical problems.

Just as importantly, IBM’s pursuit of next generation technologies is designed to explore new business opportunities and concerns. The company has been a leading light in commercial quantum system development. It seems likely that the insights it gleaned along the way were foundational to the Quantum-Safe services available with the new generation IBM z16.

The conclusions offered in the IBV’s new Security in the Quantum Era report suggest that the company is acting it has done so often in the past. In essence, IBM is using its considerable investments, insights and inventions to help enterprise customers understand, prepare for and successfully weather future changes and challenges.

© 2023 Pund-IT®. All rights reserved.