Semiwiki on LinkedIn Semiwiki on Facebook Semiwiki on Twitter Register / Log in 
Array
(
    [content] => 
    [params] => Array
        (
            [0] => /forum/threads/g7-publishes-strategic-roadmap-for-pqc-in-financial-systems.24389/
        )

    [addOns] => Array
        (
            [DL6/MLTP] => 13
            [Hampel/TimeZoneDebug] => 1000070
            [SV/ChangePostDate] => 2010200
            [SemiWiki/Newsletter] => 1000010
            [SemiWiki/WPMenu] => 1000010
            [SemiWiki/XPressExtend] => 1000010
            [ThemeHouse/XLink] => 1000970
            [ThemeHouse/XPress] => 1010570
            [XF] => 2030770
            [XFI] => 1060170
        )

    [wordpress] => /var/www/html
)

G7 publishes strategic roadmap for PQC in financial systems

AmandaK

AmandaK

Administrator
Staff member
PQSNews_G7-publishes-strategic-roadmap-for-PQC-in-financial-systems.png


The G7 Cyber Expert Group (CEG) recently published a strategic PQC transition roadmap for the global financial sector.

It’s a significant document, intended as a guide for coordinated transition, protecting sensitive economic data in the G7 from future decryption threats. In effect, the roadmap refocuses PQC from a ‘future technical concern’ to what’s now considered an imperative for the global financial system – with stakeholders including financial authorities, technology vendors, infrastructure operators and government.

The roadmap outlines several key considerations:
  1. - Flexibility. Transition to PQC must remain practical across the financial landscape – an approach that will require adaptability in the unique circumstances of individual migration projects, and in the face of evolving threats.
  2. - Risk-based approach. Prioritization should be done based on the criticality of different areas, and high-risk/high-value systems must be tackled first.
  3. - Standards-based approach. Use of existing IT security standards is recommended, as well as quantifiable metrics to track progress.
  4. - Collaboration. Co-operation between entities can help with interoperability, and collaboration with third-parties will enable management of dependencies.
For PQShield, it’s interesting to see these considerations laid out in such a high-profile report, as it resonates with much of our focus over the last few years. Flexibility inherently leads to the need for crypto agility, an area of focus that’s designed into our Ultra PQ product suite, making it possible to upgrade your cryptography without disrupting operation. Risk-based migration depends on prioritization, and the ongoing migration of systems will inevitably impact the supply chain through dependencies and interoperability requirements.

Meanwhile, the CEG roadmap also condenses these considerations into six non-linear phases for financial entities, which are worth inspection. The diagram below shows how these phases interlink across the suggested timeline, leading to 2035 for full migration of systems.

G7-roadmap-phases.png


  • - Awareness / Preparation – establish executive risk awareness, map critical systems, communicate to shareholders
  • - Discovery & Inventory – cryptographic assets and gaps, quantum maturity, communicate practices and guidance
  • - Risk Assessment & Planning – create migration plans/governance, communicate plans clearly, engage stakeholders, support regulatory approaches
  • - Migration Execution – deploy quantum-resistant solutions, monitor and oversee progress, identify barriers and provide support
  • - Migration Testing – test migrated functions, resilience exercises, incorporate quantum resilience into testing phase, based on regulatory approaches
  • - Validation and Monitoring – continuously validate based on new standards, adapt policy frameworks to the evolving threat landscape, support refinement of capabilities
Aligning neatly with the global effort, the target timeline for the G7 financial sector is 2035 for completion, with critical systems driving a deadline of 2032 – though naturally with margins embedded as the maturity of both cryptographic standards and quantum technology changes. For the CEG, and by extension the G7 itself, the message is that entities should integrate PQC into technology strategies, and prioritize migration – particularly with the threat of HNDL (Harvest-Now-Decrypt-Later) and the inevitability of quantum computing.

As the report highlights, the role of the G7 itself is to monitor global progress, co-ordinate with international standards bodies and stay ahead of the resources as the threat landscape evolves.

It’s a mission we’re fully on-board with, especially as a provider of secure solutions for the supply chain. There’s little doubt that the stakes are high for the financial sector, and as the next generation of threats emerges, it’s our goal to provide the next level of ultra-secure, ultra-fast performative hardware and software for the financial sector and beyond.

Find out more from the full Expert Group Statement on Advancing a Coordinated Roadmap for the Transition to Post-Quantum Cryptography in the Financial Sector.

Link to Press Release
 
You must log in or register to reply here.
Back
Top