The Accredited Standards Committee X9 Inc. (X9) today announced that it has published an updated version of its Informative Report titled "Quantum Computing Risks to the Financial Services Industry," denoted X9.IR-F01-2022.
The 120-page document, available for download at no charge, delivers a broad background on quantum computing and the security risks it is expected to pose to cryptography -- specifically, the cryptography that the financial services industry depends on.
The financial industry could be particularly hard hit should the potential computational power posed by quantum computing become a reality. It is predicted that large-scale, stable quantum computers will be able to quickly solve the mathematical problems upon which today's widely deployed cryptographic systems are based; systems that are currently used to protect sensitive information on the internet and throughout the industry.
This second release of the X9 Informative Report provides background on the principles of quantum computing, the current state of quantum computing as it pertains to the financial industry, quantum's threat to current cryptography, and timing predictions — and offers guidance on actions that organizations can take now to identify, prepare for and mitigate risks. The report is written and maintained by the X9 Quantum Computing Risk Study Group.
Enhancements in the 2022 report include updates on research into qubit design, roadmaps, identification of risks, and time frames. This report will continue to be updated as changes occur in the industry. It is written with both managers and technical people in mind.
"With the new X9 report, we wanted to create a reader-friendly, thorough resource on the quantum threat and how it affects organizations, and more importantly, to offer actionable, practical guidance on how organizations can move forward with their quantum-safe efforts," said Philip Lafrance, CISSP, standards manager at ISARA Corporation and editor of the report.
"Quantum-safe cryptography is a very complicated and fast-moving field, and information rapidly becomes outdated. It is important that people responsible for critical infrastructure, including critical financial systems, have access to the latest information on the threat that quantum computers pose, and the available methods for protecting against that threat. X9 is providing a great service by collecting and regularly updating this report," said Tim Hollebeek, head of standards development at DigiCert and co-chair of the Quantum Risk Study Group.
X9 has created a brief video about the report and X9's ongoing work in the area of quantum computing.