UK NCSC Announces 2035 Deadline for Quantum-Proof Transition

The UK’s National Cyber Security Center (NCSC) has set a 2035 deadline for critical infrastructure operators to transition to post-quantum cryptography, anticipating the advent of quantum computers that could potentially compromise current encryption algorithms. In a recent advisory, the NCSC outlined a structured timeline aimed at technical decision-makers and risk owners within large organizations and operators of critical national infrastructure. The guidance includes a phased approach, urging organizations to assess their IT systems and draft a migration plan by 2028, transition high-priority systems by 2031, and complete the overall shift by 2035.

Emphasizing the importance of this transition, the NCSC suggests that organizations view this migration as a chance to enhance their overall cybersecurity resilience. Although quantum computing remains largely in the research phase, experts warn that the transition to post-quantum computing is urgent, as a “cryptanalytically relevant quantum computer” could emerge in the early 2030s. Such a computer would have the capability to decrypt information currently safeguarded by traditional encryption methods.

In response to these impending changes, the U.S. National Institute of Standards and Technology (NIST) finalized three post-quantum encryption algorithms in August 2024, setting a precedent for cryptographic standards worldwide. Tech giants, including Google and Microsoft, are also preparing for this technological shift by integrating post-quantum capabilities into their products. The NCSC advises organizations to upgrade to platforms that support post-quantum cryptography, replacing outdated public key cryptography components and phasing out existing IT services.

One of the significant challenges highlighted by the NCSC is the replacement of existing web public key infrastructure and industrial control system protocols, due to their incompatibility with post-quantum cryptography. The agency recommends flexibility in migration plans to accommodate future developments in the ecosystem. Tim Callan, chief compliance officer at Sectigo, noted that systems reliant on RSA and ECC cryptographic algorithms would face difficulties in integrating new algorithms and would require substantial overhauls.

In conclusion, organizations are urged to begin their transition to post-quantum cryptography without delay to ensure security and compliance in the quantum era. While the task is challenging, early and strategic planning can facilitate a smooth transition, safeguarding critical infrastructure against future threats posed by quantum computing advancements.

UK NCSC Announces 2035 Deadline for Quantum-Proof Transition

Children’s Hospital Reinstates EHRs, Patient Portal Remains Offline

Advantages of Implementing Data Management Regulations for Consumers and Businesses

$3,000 Android Trojan Threatening Banks and Cryptocurrency Exchanges

US Extradition of Alleged RaidForums Admin Hits a Standstill

US Extradition of Alleged RaidForums Admin Hits a Standstill

Elevate Your Career: Unlock Opportunities at Cybersecurity Conferences

Microsoft and NVIDIA Team Up for a Major Breakthrough

5 Reasons AI-Driven Business Need Dedicated Servers – SmartData Collective

The Future of Cyberthreat Sharing Post-CISA 2015: What’s Next?

The Future of Cyberthreat Sharing Post-CISA 2015: What’s Next?

Meta Strikes $14.2B AI Deal with CoreWeave for Cutting-Edge Infrastructure

Meta Strikes $14.2B AI Deal with CoreWeave for Cutting-Edge Infrastructure

Cybersecurity Senior Engineer (DAST SME)

Senior Cybersecurity & Compliance Consultant

Sr. Lead Cybersecurity Architect

Cybersecurity Subject Matter/Functional Expert III

Cybersecurity Senior Data Analyst, Bureau of Audit Services

IT CYBERSECURITY SPECIALIST (CUSTSPT)