English Edition
FS-ISAC Guidance Urges Financial Firms to Implement Crypto Agility as a Key Defence
The paper is the first to define cryptographic (crypto) agility holistically for both business and technical audiences.
Published
1 month agoon
● The seminal whitepaper highlights the case for and implementation of cryptographic agility to trust across the financial services sector.
● “Cryptographic agility is a critical success factor in the long-term journey to protect the world’s data from quantum and other emerging threats.”
Singapore, TechnoBusiness SG ● FS-ISAC, the member-driven, not-for-profit organisation that advances cybersecurity and resilience in the global financial system, today announced the release of a seminal whitepaper designed to help financial services institutions understand the challenges, elements and processes of building cryptographic agility in the face of emerging threat vectors like quantum computing.
The paper, titled Building Cryptographic Agility in the Financial Sector, is the first to define cryptographic (crypto) agility holistically for both business and technical audiences, with the goal of helping stakeholders across the sector grasp the necessity of crypto agility and define an approach that works for their institutions. The move to crypto agility must begin immediately because quantum computing is likely to make a commonly used class of cryptography algorithms insecure in the next few years, creating a risk of exposed data transmission or storage that would break the way business is conducted today.
“The financial services industry must take a leadership position in cryptographic agility, ensuring the sanctity and safety of data and storage as threats continue to evolve,” said Michael Silverman, Chief Strategy & Innovation Officer, FS-ISAC. “The goal of crypto agility is simple: to enable business continuity when existing cryptography is compromised or weakened. The transition to crypto agility is vital in maintaining the trust upon which the financial services sector is built and ensuring the safety of business operations in today’s complex, ever-evolving computing environment.”
The paper focuses on three key concepts: a framework for implementing crypto agility, an explanation of the challenges organisations may face implementing crypto agility and how to overcome them, and a set of insights on transition governance and architecture. Authored by FS-ISAC’s Post-Quantum Cryptography Working Group, composed of quantum subject matter experts from some of the largest global financial firms, the whitepaper explains that as the pace of technological change accelerates, crypto agility must be viewed as a long-term strategy, not a one-off implementation, in order to keep financial services firms secure and compliant for the long term.
The guidance is broken into two main sections:
- Why a Crypto Agile Approach to Infrastructure Change is a Security and Business Necessity, which defines and builds on prior work for a new comprehensive approach to crypto agility, testing crypto agility capacity, challenges of crypto agility migration and frameworks for successfully replacing insecure algorithms.
- Implementing Crypto Agility, which discusses the financial sector’s vision for adapting cryptographic schemes, implementation and governance considerations and process guidelines.
“Cryptographic agility is a critical success factor in the long-term journey to protect the world’s data from quantum and other emerging threats,” said Peter Bordow, FS-ISAC PQC Workgroup Chair & Distinguished Engineer / Managing Director of Quantum Security, Wells Fargo. “This paper is an extraordinary collaboration, combining the knowledge and experience of more than 30 quantum and security subject matter experts from the financial services sector, into a single artefact for both business and technical audiences.”
Jamie Gómez García, Banco Santander, Quantum Safe Financial Forum, added, “The transition to quantum-safe cryptography offers organizations a unique opportunity to strengthen their cryptographic management. Now is the time to anticipate future threats and embrace crypto agility, ensuring resilience in the face of evolving challenges.”
“The FS-ISAC cryptographic agility paper is an important steppingstone towards a successful transition from legacy cryptography to post-quantum cryptography,” stated Steve Stevens, Executive Director, Accredited Standards Committee X9 Financial Services. “This fits nicely into ASC X9’s work on the long-term sustainability of post-quantum cryptography standards.”
With the release of this paper, FS-ISAC continues to lead the charge in advancing cybersecurity and resilience in the global financial system, aligning its efforts with cross-border initiatives like the G7 Cyber Expert Group’s recent call to action on quantum computing risks, in which it urged the financial sector to monitor developments in quantum computing, promote collaboration among public and private stakeholders, and begin planning for potential risks posed by the emerging technology.●
—Michael T. Kheilton, TechnoBusiness SG
You may like
-
Inilah Daftar Pemenang Smarties Indonesia Awards 2024
-
MMA Impact Indonesia 2024 Soroti Dampak Mendalam Digitalisasi
-
Laba Bersih BCA Digital pada Kuartal 3/2024 Tumbuh 532,7%
-
Synnex Metrodata Indonesia Jadi Distributor Devo Technology
-
BPA Broker Hadirkan Solusi Telekonsultasi Kesehatan dr. Barron
-
IBM AI in Action Report Identifies Key Characteristics of Businesses
-
Pengiriman Tablet Jelang Musim Liburan Secara Global Naik 11%
-
Donald Trump Menang, Harga Bitcoin Cetak Rekor Rp1,2 Miliar
-
Awas, Penjahat Siber Sebarkan Captcha Palsu yang Berbahaya!