Managing Cryptographic and Quantum Risk

Today’s agencies and organizations rely on cryptography to an extent that few people realize. Even CIOs and CISOs typically don’t give much thought to cryptography, and when they do it’s usually because their security teams have escalated a serious issue.

Nevertheless, cryptography is essential to every agency's and organization’s operation and continuity. Regardless of the size of your organization, the cryptographic foundation is ubiquitous and complex; within larger organizations—especially those which have grown through mergers and acquisitions—it’s likely that no one in the agency or organization has a firm grasp of all of the cryptographic systems in use.

Like other critical building blocks of information technology, cryptographic systems require management and maintenance. Most of the time, these needs are addressed invisibly, with updates included within the regular cadence of software patches and system upgrades. This is a non-technical and hype-free explanation of what’s at risk, what you can do, and why you should act now.