- The British government has published new guidelines for post-health migration
- The calendar describes a complete migration target by 2031
- SMEs should find it simpler because of the advice updated
The British government has published its directives on the protection of technical systems against future quantum computers.
The National Cyber Security Center has established a calendar so that British industry and government agencies follow with key dates, first of all, by 2028, all organizations should have a defined set of migratory objectives, and an initial plan, and should have carried out a complete discovery exercise ” to assess the infrastructure and determine what must be updated for a post-quaver.
By 2031, organizations should carry out the most priority migration activities and have a refined plan for a thorough roadmap to complete the change. Finally, by 2035, migration should be completed for all systems, services and products.
Large -scale threats
The British government has described the move a “change of mass technology that will take a number of years” – but why is migration necessary?
The government stresses that the threat to the cryptography of “large -scale quantum computers and large -scale tolerants” is now well understood, and that technical systems will have to evolve to reflect this.
“Quantum computers will be able to effectively solve the hard mathematical problems on which asymmetrical public key cryptography (PKC) is based to protect our networks today,” confirm the directives.
“The main attenuation of the risk that this poses is to migrate to post-aptum cryptography (PQC); cryptography based on mathematical problems that quantum computers cannot resolve effectively.”
The report warns that the total financial cost of the PQC migration could be “significant”, so that organizations should budget accordingly, including for “preparatory activities” as well as migration itself.
For SMEs, the PQC must be simpler and seamless, because the services will generally be updated by suppliers, but in the case of specialized software, replacements or upgrades compatible PQC must be identified and deployed in accordance with the calendar above.
