It’s more than 20 years since the idea of cyber hygiene became the go-to analogy for anyone trying to explain the importance of keeping data and computer systems safe from viruses and other cyber infections.
And one of the earliest and most notable mentions is by internet visionary Vince Cerf. It can be traced back to a speech he made in 2000.
Addressing a US federal committee on the benefits and potential threats posed by the Internet he said: “most of the vulnerabilities arise from those who use the Internet-companies, governments, academic institutions, and individuals alike — but who do not practice what I refer to as good cyber hygiene.
“They are not sufficiently sensitive to the need to protect the security of the Internet community of which they are a part. The openness of the Internet is both its blessing and its curse when it comes to security,” he said.
Skip forward to today and these comments are just as valid — more so — than when they were first made. What’s more, the analogy has also stood the test of time.
Cyber hygiene is common sense
After all, good cyber hygiene — like our own personal health — is essential for any business that wants to protect itself from cyber threats and keep its systems and data secure. It’s like brushing your teeth every day to maintain good oral hygiene and a winning smile.
By implementing good cyber hygiene practices, businesses can brush up against the risk of cyber-attacks and protect their sensitive information and systems from unauthorised access and exploitation. This includes regular digital flossing such as updating software and operating systems, using strong passwords and two-factor authentication, backing up important data, using anti-virus software, and monitoring network activity.
And it means ensuring that endpoints — those remote computing devices that communicate back and forth with a network — are also protected and free from germs. To do so, businesses need to make sure they have a clear view of all their endpoints — you can’t protect what you can’t see.
Investing in good cyber hygiene is not only a smart business decision. It also shows customers and stakeholders that you are serious about security providing an obvious competitive advantage.
But more than two decades later, is this level of cyber hygiene enough? Are the tried and tested approaches to good cyber hygiene that have served us so well sufficient to cope with more determined, virulent and sophisticated security threats coming down the line? Are they able to cope with emerging technologies such as quantum computing, which has the potential to solve complex problems much faster than traditional computers?
Security Dangers of Quantum Computing
After all, quantum computers can process many calculations simultaneously, leading to mind-blowing increases in processing speed and the ability to handle large amounts of data more efficiently.
And it is this supercharged computing power — which could be used for good in the areas such as logistics or drug research and development — that could also be used to crack many of the encryption schemes that we currently use to protect sensitive data. And it’s that potential threat that is a concern to cyber security professionals.
After all, many of the encryption systems used today are based on mathematical problems that are difficult to solve, even for traditional computers. However, quantum computing has the potential to solve these problems much faster. If that were to happen, it would render many of these encryption schemes obsolete.
And it is this potential to crack existing encryption techniques that not only endanger the digital economy, but the safety and security of governments and countries too. This also explains why security experts are now exploring new security protocols that can resist the threat posed by quantum computing.
Why Most Organisations Don’t Need to Worry — Yet
The good news is that while this cybersecurity threat is real, it is unlikely to happen any time soon with most experts predicting that we’re still a decade or so from it being a problem.
What’s more, Western governments and companies are already working together to prepare themselves for a time when quantum computing becomes a reality.
In the US, for example, President Biden has already signed into law the Quantum Computing Cybersecurity Preparedness Act, which encourages federal agencies to adopt technology that is protected from decryption by quantum computing. And where the US leads, others will follow.
So, while there is no imminent danger of a cyber-attack powered by quantum computing any time soon, we still need to be vigilant. And the best way to do that — today — against the threats that face us now is to cyber hygiene.
And while there is little doubt that in a decade or so from now, quantum computing will likely pose a threat to existing technology, at the moment, we still have ample time to prepare. For now, the advice for organisations is simple. Concentrate on establishing strong cyber-hygiene policies to meet today’s security threats. There’s still plenty of time to address threats that are coming around the corner.
About the Author
Rob Jenks is Senior Vice President, Corporate Strategy at Tanium. We’re not just best-in-category, we define the category. See, control and protect every endpoint, everywhere, with the only Converged Endpoint Management (XEM) platform. It’s time for a convergence: https://www.tanium.com/converged-endpoint-management/
Featured image: ©AnuStudio