Quantum Xchange to Host PQC Discovery Webinar with The National Cybersecurity Center of Excellence
BETHESDA, M.d. – May 13, 2024 – Quantum Xchange, delivering the future of encryption with holistic cryptographic agility, visibility, and management solutions, today announced that it will host the webinar, “Migration to Post-Quantum Cryptography: The Discovery Phase” featuring guest speaker Bill Newhouse, Security Engineer at NIST and The National Cybersecurity Center of Excellence (NCCoE) and Lead of the Migration to Post-Quantum Cryptography Project. The live webinar is scheduled to take place on Thursday, May 16 at 1:00 p.m. ET. Event and registration details can be found here.
The NCCoE works in collaboration with the National Institute for Standards and Technology (NIST) to bring awareness to the issues involved in migrating to NIST’s post-quantum cryptography (PQC) – final standard expected to be published in summer. NCCoE’s recommended first step (See: NIST SP 1800-38 volumes A-C) is enterprise-wide cryptographic visibility – a full inventory of the use of cryptography across the organization. From this discovery phase, informed risk assessment and migration prioritization decisions can be made.
The Quantum Xchange webinar will offer attendees a deep dive into the “discovery” phase of any PQC migration project – how best to detect and report the presence and use of quantum vulnerable, public-key cryptography in systems and services. Technical and operational challenges with automated crypto discovery tools will be addressed with an emphasis on vulnerability scanning vs. continuous network monitoring.
Quantum Xchange’s crypto discovery and risk assessment tool, CipherInsights, works as a passive listener on the network, deployed as a virtual appliance which connects to a packet broker or SPAN/TAP. Unlike scanning tools that can only inspect certificates and cryptographic libraries that are installed on endpoints of known systems, CipherInsights performs analysis on traffic as it passes by, identifying and classifying the encryption, both sanctioned and unsanctioned, that is in use on the network. This comprehensive and continuous monitoring includes client-side server, third-party applications, partner APIs, IoT, supplier portals, and cloud applications. Alerting is done in real-time, not point-in-time.
“Understanding the security architecture of your networks and the vast dependencies on public-key encryption is critical to an efficient and cost-effective, PQC transition and to ensuring information remains interoperable and safeguarded during the transition period and for years to come,” said Vincent Berk, Chief Strategy Officer at Quantum Xchange and fellow webinar speaker. “Organizations should begin their planning preparations now, leveraging crypto intelligence and continuous network monitoring to inform and develop a risk-based approach to their quantum-safe journey.”