"CISA Directs Critical Infrastructure Organizations to Prepare for Post-Quantum Cryptography"
The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) published guidelines that critical infrastructure organizations should follow to transition smoothly to post-quantum cryptography standards. These standards will be published by the National Institute of Standards and Technology (NIST) in 2024. CISA's advisory outlines the potential impact of quantum computing and suggests actions critical infrastructure and government network operators should take. CISA made the recommendations after reviewing 55 National Critical Functions (NCFs), their quantum vulnerabilities, and measures to mitigate security flaws in order to facilitate a smooth transition to post-quantum cryptography. In addition, the DHS and NIST released a roadmap document with actionable insights for transitioning to the new cryptographic standards. CISA recommends its insight document, "Preparing Critical Infrastructure for Post-Quantum Cryptography," and DHS' "Post-Quantum Cryptography Roadmap." This article continues to discuss the CISA's guidance for critical infrastructure organizations on preparing for post-quantum cryptography, the security risks posed by quantum computing, and post-quantum cryptography transition bottlenecks.