The Monetary Authority of Singapore advised on Monday that financial institutions need to stay agile enough to adopt post-quantum cryptography and quantum key distribution technology, without significantly impacting systems as part of cyber security measures.
Suggestions on how to keep on top of things include watching out for quantum computing developments that could pose threats, and the ability to mitigate them through PQC and QKD, ensuring third parties and management aren't out of touch when it comes to the risk, and monitoring the cryptographic solutions used by institutions - particularly which ones are vulnerable and need replacement.
It is also important to assess whether systems are upgradable to a position that can handle the new threat without hindering any future transition to more secure systems.
Of course, MAS advises training technical staff, having standards, and keeping contingency plans in place.
Singapore is a regional hub for Asia's financial services community and is growing in importance as that sector considers China's increasing influence in Hong Kong.
Few major finance industry players aren't in Singapore, so this call by MAS will likely have a flow-on effect across Asia.
Joe Fitzsimons, CEO of Singapore-based Horizon Quantum, told The Register it's not unheard of for flaws to be found in encryption protocols during their lifecycle, and that the advisory was sensible and well timed.
Protassov estimated the world has around 10 to 15 years before quantum computing benefits will become evident - and consequently accompanied by widespread attacks.
This Cyber News was published on go.theregister.com. Publication date: Wed, 21 Feb 2024 01:13:07 +0000