The Cybersecurity and Infrastructure Security Agency has unveiled a new shopping guide detailing software and hardware with quantum-resistant encryption in a bid to bolster federal agencies' readiness for post-quantum cryptography, CyberScoop reports.Aside from noting the widespread availability of PQC standards in platform-as-a-service and infrastructure-as-a-service cloud platforms, browsers, servers, collaboration software, and endpoint security tools, the guidance also detailed hardware and software product categories transitioning to PQC standards, including software-as-a-service platforms, password managers, and intrusion detection tools.However, such a document has been criticized by experts over its lack of consideration of the challenges related to post-quantum migration, with Arqit Field Chief Technology Officer and Head of Cryptography Roberta Faux and Patero Chief Operating Officer Peter Bentley emphasizing the guide's absence of information on creating cryptographic inventories."Without that visibility, and arguably developing a Cryptographic Discovery and Inventory best practice, 'PQC-enabled' becomes a marketing label instead of a verifiable capability, especially in hybrid or mixed-vendor environments," said Bentley.
Encryption, Cloud Security, Endpoint/Device Security
New CISA post-quantum cryptography tech list raises concerns

(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds

