*Editor's Note: If you would like to submit a question to Alan Grau, please post it in the comments section. Questions will be answered in a follow-up Q&A.*
In the final episode of our five-part Quantum Computing/Quantum Apocalypse series, Alan Grau, VP of IoT and Embedded Solutions with Sectigo, discusses how we protect the machines making the machines.
We have reached an age where machines more or less impact everything we do. On the industrial side, these devices are manufactured by machines controlled by computers.
If bad actors can hack machines at the industrial level, they could have a tremendous impact on society.
Right now, we experience many recalls as a result of human error. If cybercriminals target the systems controlling industrial processes, however, it could have a considerable impact downstream in the supply chain.
We also face legitimate threats to our infrastructure. For example, a water plant in a small Florida community was recently hacked, and the water supply was nearly poisoned with a caustic chemical. Now that we have experienced multiple examples of infrastructure vulnerabilities, the threats need to be addressed. Communities have made significant strides, but Grau says we are "far from bulletproof."
OEMs should've started developing and implementing a cybersecurity plan about three years ago to be ahead of the curve. Now, many companies are scrambling, but it's still possible to catch up.
Grau offers seven steps towards migrating to quantum-safe cryptography. While the migration could take months, if not years, depending on the company's size, it's worth the investment.
- Step 1: Put together a plan and determine which assets need to be addressed first.
- Step 2: Make sure the PKI infrastructure can support quantum-safe crypto.
- Step 3: Update crypto solutions on all servers and core infrastructure pieces.
- Step 4: Update crypto on individual devices in the plant.
- Step 5: Make sure all devices have a quantum-safe root.
- Step 6: Make sure all devices have a quantum-safe certificate.
- Step 7: Deprecate all old crypto algorithms.
Nobody is expecting everything to get started overnight, but OEMs need to plan a path forward.