How Post-Quantum Encryption Mandates Affect Healthcare – BankInfoSecurity.com

A 3-month-old federal law meant to future-proof federal computers from quantum computer decryption will have an effect on healthcare sector entities, too, says Mac McMillan, founder and CEO emeritus of privacy and security consulting firm CynergisTek.

"Data and systems that we have today that use at least the current cryptography standard will no longer be adequate when quantum computing becomes mainstream," he said (see: Biden Signs Law to Safeguard IT Against Quantum Computing).

Ultimately, private sector organizations, including healthcare entities - "whether they like it or not" - also will need to migrate to the new cryptographic standards, which are being hammered out by the National Institute of Standards and Technology, the National Security Agency and others, according to McMillan.

The eventual mass migration to post-quantum cryptography will compel healthcare entities to take "a 100% inventory" of their network ecosystems, he said. "Everywhere you have encryption, you will need to consider upgrading to the new standard in order to protect that data."

"Right now, if I were a CISO at a health system, I would be looking at this legislation and say, 'Even though I'm not a federal agency and it doesn't apply to me directly, I'm going to start working with IT to identity the systems, applications and data that we need to be thinking about for migration and putting together a plan so that by the time the new standards come out, were prepared to do that."

In the interview (see audio link below photo), McMillan also discusses:

McMillan is co-founder and CEO emeritus of CynergisTek, which was acquired last year by privacy and security consultancy Clearwater. He has more than 40 years of security and risk management experience, including 20 years at the U.S. Department of Defense and its Defense Threat Reduction Agency.

Read more:
How Post-Quantum Encryption Mandates Affect Healthcare - BankInfoSecurity.com

Related Posts

Comments are closed.