I had the great pleasure of chairing a panel (Penten CEO Greg Barsby, QuintessenceLabs founding CTO John Leiseboer, Services Australia CIDO Charles McHardie AM, and Danesh Jogia from Australian Signals Directorate) on post-quantum cybersecurity and data management resilience at the “Quantum Meets Public Service” event. The event was amazingly organised by Cathy Foley‘s Chief Scientist Office.

Here are some non-obvious messages from my opening remarks:

𝟏. 𝐀𝐜𝐭 𝐍𝐨𝐰, 𝐍𝐨𝐭 𝐋𝐚𝐭𝐞𝐫: We all know powerful quantum computers may one day break encryption, yet many still hesitate to act now. The time to act was yesterday! Adversaries can “store now, decrypt later,” obtaining encrypted data now that may include sensitive personal communications and classified information, with declassification periods spanning 25-30 years. It’s not just about stored data; all encrypted communication is at risk. CSIRO’s Data61 has developed hybrid solutions combining the best of secure quantum communication and quantum-resistant encryption.

2. 𝐄𝐦𝐛𝐫𝐚𝐜𝐞 𝐂𝐫𝐲𝐩𝐭𝐨 𝐀𝐠𝐢𝐥𝐢𝐭𝐲: Moving from current encryption standards to quantum-safe solutions is complex. Many organisations may not even know where all their valuable data and communication channels are. Moreover, quantum-safe crypto algorithms may eventually be broken, necessitating quick replacements. That’s why we’ve been focusing on “crypto agility,” ensuring organisations are always ready to transition, not just once but continuously.

𝟑. 𝐈𝐧𝐟𝐫𝐚𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞 𝐑𝐞𝐬𝐢𝐥𝐢𝐞𝐧𝐜𝐞: While agility is crucial, we must avoid the pitfalls seen in incidents like the recent CrowdStrike episode. This requires robust infrastructure resilience, including testbeds, DevOps for security updates, and comprehensive rollback/fallback plans. Our resilient critical infrastructure and DevOps research cover all these aspects.

𝟒. 𝐐𝐮𝐚𝐧𝐭𝐮𝐦-𝐒𝐚𝐟𝐞 𝐁𝐞𝐲𝐨𝐧𝐝 𝐄𝐧𝐜𝐫𝐲𝐩𝐭𝐢𝐨𝐧: Protecting classical data is one thing, but what about data used in AI? Recent breakthroughs at CSIRO’s Data61 show that quantum ML can not only enhance AI performance and resistance to adversarial attacks but also directly detect data integrity issues. Quantum data assurance extends beyond encryption, offering innovative data protection today.

𝟓. 𝐐𝐮𝐚𝐧𝐭𝐮𝐦 𝐒𝐨𝐟𝐭𝐰𝐚𝐫𝐞 𝐈𝐧𝐭𝐞𝐠𝐫𝐢𝐭𝐲: Finally, protecting data and AI models is vital, but we must also consider the integrity of the quantum computing stack itself, from hardware to complex software layers. Similar to software bills of materials (SBOM) and data/AI BOMs, we are working on ensuring the integrity of the quantum hardware/software supply chain—QuantumBOM is on our agenda.

I hope these observations offer food for thought beyond the usual quantum-resistant encryption discussions. Each action can be implemented today for immediate and future-proof benefits. If you are interested, find out more here: https://lnkd.in/gQswB67H and reach out.