Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

A group including MITRE, Microsoft, and IBM has released a roadmap to help organizations adopt post-quantum cryptography (PQC), which is necessary because quantum computers will be able to crack today's public key cryptographic algorithms. The roadmap breaks down PQC migrations into four stages: preparation, baseline understanding, planning and execution, and monitoring and evaluation. Transitioning to PQC is a complex process that will take multiple years to complete and requires exacting planning and execution. Algorithms for quantum-resistant encryption are already available, and other resources are available to help organizations with PQC adoption. Corporate culture can have a major impact on the success or failure of a company's cybersecurity efforts, and the UK National Cyber Security Centre has published guidance on creating a cybersecurity culture. MITRE has also published a fact sheet on preparing critical infrastructure for a cyber war, which is necessary because critical infrastructure organizations must have a plan in case a lengthy, widespread cyber war breaks out. A recent webinar poll spotlighted exposure response strategies and challenges, and a report found that despite high salaries, many CISOs at large organizations are dissatisfied with their jobs. The report found that many CISOs feel stretched too thin and are actively looking for new jobs. The report also found that many CISOs are unhappy with their team's budget and struggle to broaden their role from overseeing cybersecurity technology to supporting business initiatives.