Building Cryptographic Agility in the Financial Sector
The goal of cryptographic agility – or crypto agility – is simple: to enable business continuity if/when existing cryptography is compromised or weakened.
The move to crypto agility must begin immediately because quantum computing is likely to make a commonly used class of cryptography algorithms insecure in the next few years. The financial services sector cannot risk insecure data transmission or storage – it would break the way we conduct business today. And as the number of systems, dependencies between systems, and overall technical complexity grow, the effort to update cryptographic assets has intensified.
This paper, written by the FS-ISAC Post Quantum Cryptography Working Group (PQC Working Group), explains the process in detail and provides guidance and advice to financial services firms – or those of any industry – to help them become crypto agile.
The document provides these key concepts:
