DTCC warns of hacking threats posed by rise of quantum computing
21 September 2022 US
Image: Tomasz_Zajda/stock.adobe.com
The Depository Trust & Clearing Corporation (DTCC) warns that quantum computing has potential to generate significant new risks for financial services companies by making their computer systems more vulnerable to hacking attacks.
In a newly published white paper, the New York-based market infrastructure company notes that quantum computing offers possibilities for firms to analyse and solve complex problems that cannot be solved easily using current computing methods and hardware. However, this powerful new approach to computation may also enable hackers to exploit vulnerabilities in even the most heavily protected computer systems.
In this report, Post-Quantum Securities Considerations for the Financial Services Industry, DTCC advances a series of recommendations that firms may follow to address these securities threats. Early preparations will involve evaluating and identifying potential vulnerabilities in existing systems, reinforcing cryptography practices by centralising management of keys and certificates, and enforcing best-practice standards relating to encryption mechanisms.
This should include working with the regulatory community to advance, and encourage adoption of, best practice standards, including NIST’s focus on post-quantum cryptography (PQC) standards.
DTCC recommends that firms should develop a playbook that maps out the steps required to replace an encryption platform and ensure this can be delivered promptly in advance of any concrete rise in the threat to its systems.
Firms must also focus on building a strong risk culture within their organisations.
DTCC managing director and chief information security officer Ajoy Kumar says: “We recognise that a quantum technology threat is coming. With some experts estimating that the industry’s protected data could become vulnerable over the next decade, the time to act is now.”
“DTCC is taking timely steps to protect our data,” adds Kumar.
In publishing the paper, DTCC highlights the importance of collaboration across the industry to advance this critical dialogue and to prepare for the emergence of PQC standards.
“Collaboration and preparation are key to ensure that security, privacy and the integrity of the financial industry are well preserved,” concludes Kumar.
In a newly published white paper, the New York-based market infrastructure company notes that quantum computing offers possibilities for firms to analyse and solve complex problems that cannot be solved easily using current computing methods and hardware. However, this powerful new approach to computation may also enable hackers to exploit vulnerabilities in even the most heavily protected computer systems.
In this report, Post-Quantum Securities Considerations for the Financial Services Industry, DTCC advances a series of recommendations that firms may follow to address these securities threats. Early preparations will involve evaluating and identifying potential vulnerabilities in existing systems, reinforcing cryptography practices by centralising management of keys and certificates, and enforcing best-practice standards relating to encryption mechanisms.
This should include working with the regulatory community to advance, and encourage adoption of, best practice standards, including NIST’s focus on post-quantum cryptography (PQC) standards.
DTCC recommends that firms should develop a playbook that maps out the steps required to replace an encryption platform and ensure this can be delivered promptly in advance of any concrete rise in the threat to its systems.
Firms must also focus on building a strong risk culture within their organisations.
DTCC managing director and chief information security officer Ajoy Kumar says: “We recognise that a quantum technology threat is coming. With some experts estimating that the industry’s protected data could become vulnerable over the next decade, the time to act is now.”
“DTCC is taking timely steps to protect our data,” adds Kumar.
In publishing the paper, DTCC highlights the importance of collaboration across the industry to advance this critical dialogue and to prepare for the emergence of PQC standards.
“Collaboration and preparation are key to ensure that security, privacy and the integrity of the financial industry are well preserved,” concludes Kumar.
← Previous technology article
Taulia collaborates with Standard Chartered on working capital finance solutions
Taulia collaborates with Standard Chartered on working capital finance solutions
Next technology article →
Deutsche Börse confirms creation of first digital instruments in D7 simulation environment
Deutsche Börse confirms creation of first digital instruments in D7 simulation environment
NO FEE, NO RISK
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Assegt Servicing Times
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Assegt Servicing Times
