Create A Cross-Functional Q-Day Team Or Suffer A Hard Day’s Night

· Source: Featured Blogs - Forrester · Field: Technology & Digital — Cybersecurity & Data Privacy, Cloud Computing & IT Infrastructure, Internet of Things (IoT) & Connected Devices · Depth: Advanced, quick

Summary

Quantum security requirements, driven by the impending "Q-day," will impact diverse organizational areas, including public key infrastructure (PKI) upgrades, quantum-safe software releases, and hardware refreshes for IoT devices. A successful quantum security roadmap necessitates a cross-functional team to inventory cryptography, prioritize systems, and manage remediation. Key technology stakeholders, as outlined in a Forrester report, include security, infrastructure, innovation, development, risk, and procurement leaders. Security leaders will orchestrate migration, educate teams, and drive cryptographic discovery. Infrastructure leaders must assess readiness across all environments, from data centers to cloud and edge, evaluating vendor PQC adoption and upgrading networking components. Procurement leaders are crucial for embedding quantum security requirements into RFPs and contracts, assessing vendor PQC roadmaps and maturity.

Key takeaway

For technology leaders preparing for "Q-day" and the transition to post-quantum cryptography, your organization must establish a dedicated, cross-functional team. This team should include security, infrastructure, and procurement to ensure comprehensive cryptographic inventory, vendor assessment, and system upgrades. Prioritize embedding quantum security requirements into all new contracts and evaluating third-party platform providers' PQC commitments to mitigate future risks.

Key insights

Preparing for quantum security requires a coordinated, cross-functional organizational effort across technology leadership.

Principles

Method

Assemble a cross-functional team to review cryptographic inventory, prioritize systems, and oversee remediation, tracking progress and addressing exceptions.

In practice

Topics

Best for: VP of Engineering/Data, Executive, Security Engineer, IT Professional, CTO

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Featured Blogs - Forrester.