Assessing the strategic imperative and challenge for industry of post-quantum cryptography (PQC)

Development of a cryptanalytically relevant quantum computer will undermine the security of public-key cryptography and data encryption schemes protecting global data resources, secure communications, and identity verification systems. While realization of such a powerful quantum computer is an open research objective, often characterized by a ten-year time horizon, nation states are, today, engaged in illegal appropriation of sensitive data, in the expectation that they will possess the capability to break contemporary encryption schemes in the future.

Due to the lifetime of national security data, financial transaction data, and personal healthcare information (PHI), the active "harvest now, decrypt later" attack vector employed by nation states makes adoption of quantum-resilient cryptographic protocols an imminent concern for governments and commercial organizations. Indeed, several governments have mandated adoption of post-quantum cryptography within the next five- to ten-year timescale, introducing significant implications for connected supply-chains and allied countries, including Australia.

The key message of this Breakout session will be that recent advances in quantum computing capability and architecture, coupled with technical breakthroughs, commercial incentives, massive global investment, and strategic competition in the field of artificial intelligence, all act to create conditions posing an imminent quantum information security risk that organizational leaders must urgently address.

In this session, organizational executives and cybersecurity leaders will be provided with an in-depth assessment of the current quantum information security landscape that will address established and emerging threat vectors. The audience will be provided with expert insights and real-world information to support a planned transition to new cryptographic standards, in accordance with institutional guidance.

The session has been designed to be accessible to a generalist audience, drawn from cybersecurity leaders and industry executives with decision-making responsibility. Although no prior knowledge of quantum computing or cryptographic security is required, the session will provide valuable information for both executive staff and security professionals and will be delivered by two experienced speakers who work at the forefront of post-quantum cryptography implementation and quantum information security research. Reference to published standards, guidance, and both public and private engineering test data will leave the audience with a clear picture of the imperative of post-quantum cryptography implementation and the organizational challenges associated with this necessary transition.

The session will be structured in four sections that provide business leaders with a combination of technical grounding and strategic insight. The Breakout will conclude with a question-and-answer session where the audience can engage with the core themes of the presentation. The two presenters will share delivery of the session, according to their respective expertise. Slideware covered in the presentation will be available for the audience to download, as required.