The UK's digital security measures require a significant overhaul to adapt to the quantum age.

      Britain needs a significant overhaul of its cybersecurity systems to protect against future quantum computers, according to a warning this week from the UK’s National Cyber Security Centre (NCSC).

      At the CYBERUK conference in Manchester, the organization’s CTO, Ollie Whitehouse, urged entities to begin preparing immediately for a comprehensive transformation in how digital security is established and managed, emphasizing the severe risks of inaction.

      Once quantum computers achieve a certain level of advancement, they could make current encryption techniques ineffective. This would jeopardize security measures that safeguard everything from financial transactions and medical records to military communications.

      Whitehouse highlighted that an essential step in preparing for this challenge is the adoption of post-quantum cryptography (PQC), which aims to protect against potential cyberattacks from quantum computers. This involves creating new encryption algorithms based on mathematical problems that are difficult for both classical and quantum computers to solve, and integrating these algorithms into existing systems to replace weak encryption methods.

      However, Whitehouse cautioned that transitioning to PQC will not merely be a software upgrade. It will necessitate a "decade-long, national-scale technology change programme" to enhance the foundations of interconnected systems.

      In March, the NCSC released guidelines that provided clear timelines for the UK's transition to PQC, advising organizations to finish migrating all their systems, services, and products to PQC by 2035.

      Globally, governments are rushing to prepare for a future dominated by powerful quantum machines. Last year, the US National Institute of Standards and Technology (NIST) introduced several algorithms considered secure against quantum hacking.

      There is also a growing number of tech startups emerging to assist organizations in this preparation, including UK-based PQShield, which raised $37 million last year to develop its software and hardware-based PQC solutions.

      However, it remains uncertain whether PQC will withstand future quantum attacks, as the ultimate capabilities of these machines are still unknown. This uncertainty has led other companies and governments to investigate Quantum Key Distribution (QKD), which employs quantum mechanics to securely transmit encryption keys as particles of light. These photons transport qubits, the fundamental units of quantum information.

      Importantly, it is impossible to eavesdrop on a QKD message without disturbing the quantum states, which would immediately notify both parties of any interception, making the technology "untappable."

      For the NCSC, transitioning to PQC is currently viewed as the main defense against quantum threats. Whitehouse described it as "a complex change programme that makes fixing the Millennium Bug look easy," referencing the extensive efforts required in the late 1990s to update computer systems that were unable to manage dates beyond 1999.