The News: IBM’s Think 2023 conference in Orlando, FL, featured the launch of IBM’s new Quantum Safe set of tools and capabilities. IBM also introduced its Quantum Safe Roadmap, which provides a number of key milestones in terms of technology development towards the foreseeable cryptographic standards and requirements. Additional detail is available in IBM’s Press Release.

IBM Charts the Course to Quantum Safe Computing

Analyst Take: At IBM Think 2023 IBM’s announcements showcased the launch of the company’s new Quantum Safe set of cools and capabilities. Specifically, IBM announced:

• Quantum Safe Explorer, which scans source and object code to uncover all cryptographic assets and dependencies to build what IBM is calling a “Cryptography Bill of Materials” (building from the idea of a Software Bill of Materials).
• Quantum Safe Advisor, which utilizes the cryptographic inventory to provide a holistic view into the organization’s cryptographic risk profile.
• Quantum Safe Remediator, which provides IBM-cultivated best practices for remediation of vulnerabilities, as well as the ability for customers to test and automatically deploy these remediation patterns.

The Case for Quantum-Resistant Encryption

On a global basis, encryption is arguably the most commonly used method for preventing data from malicious viewing or usage. Simply put, encryption is pervasive, on both a personal and business standpoint — protecting all of our digital assets, ranging from healthcare records, to private communications, to financial transactions. Encryption is also in significant jeopardy due to the ongoing development of quantum technology that is capable of breaking the traditional cryptography on which we rely. To protect our economies and our identities, a shift to quantum-resistant encryption is required.

Why Now?

Why do we need to worry about this now, if we don’t even know when these quantum computers will be a reality? The reason is because encrypted data that is stolen could be stored until a future time that the technology is available to decrypt it. Given the steps that organizations have been taking to be able to recover from ransomware, attackers have already been increasingly motivated to shift to methods of data extortion and theft. I wouldn’t be surprised to see incidence of data extortion and theft continue to increase, especially as the horizon of quantum computing capable of decrypting state-of-the-art algorithms approaches.

IBM and Quantum

So, we need to start preparing, but migrating to quantum-safe algorithms will be an incredibly complex task. This is where IBM aims to help, by cultivating a set of technologies and competencies that helps companies to:

• Identify their current cryptography usage, including all dependencies; where and how are traditional encryption algorithms being used?
• Obtain a centralized vantage point into their vulnerability posture; where are the potential risks?
• Prioritize risks; what needs to be addressed first?
• Build a plan for migration to quantum-safe technologies; how will the risks be remediated?

It is worth noting that IBM brings expertise to address these issues. Notably, IBM is developing the quantum computers that stand to break existing encryption algorithms, its latest Z-series mainframe, the z16, was developed with quantum safe encrypting hardware. It also contributed to the development of three of the four quantum-resistant algorithms that the National Institute of Standards and Technology (NIST) has selected for standardization.

In sum, the prospect of updating potentially vast amounts of code is nothing short of daunting. The journey to quantum-safe encryption will undoubtedly be complex and time consuming, but with the emergence of standards, it does stand to be simplified using the visibility and remediation patterns that IBM is bringing to bear.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

IBM Launches watsonx: Powerful New Platform for AI Base Models

IBM Lakehouse as Part of watsonx.data for AI and Analytics

IBM and Stony Brook University Selected to Anchor the New York Climate Exchange by the City of New York

Author Information

Krista Case

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.