The National Cyber Security Centre (NCSC) has published new guidance on protections against quantum computing threats.
It has outlined a three-phase timeline for key sectors to move to quantum resistant encryption methods by 2035, and encouraged the adoption of post-quantum cryptography (PQC), warning that current encryption standards are vulnerable to the power of quantum computers.
The move derives from the capacity of these computers to solve the mathematical problems that underpin encryption methods. NCSC said that migrating to PQC – a new approach involving the use of quantum-resistant algorithms before attackers can exploit vulnerabilities – will help organisations stay ahead of the threat.
It has recommended that organisations identify cryptographic services needing upgrades and build a migration plan by 2028, and by 2031 execute high priority upgrades and refine their plans as PQC evolves. This should be followed by completing the migration for all systems, services and products by 2035.
It added that for larger organisations this could a complex process and will require planning and significant investment.
Significant risks
NCSC chief technical officer Ollie Whitehouse said: “Quantum computing is set to revolutionise technology, but it also poses significant risks to current encryption methods.
“Our new guidance on post-quantum cryptography provides a clear roadmap for organisations to safeguard their data against these future threats, helping to ensure that today's confidential information remains secure in years to come.
“As quantum technology advances, upgrading our collective security is not just important – it’s essential.”
