Virtualization Technology News and Information
Article
RSS
VMblog Expert Interview: Quantum Shield - Safeguarding Your Data in the Quantum Age

interview lastwall holmqvist 

The world of cybersecurity is on the cusp of a paradigm shift. The looming threat of quantum computers poses a serious risk to current encryption standards, potentially rendering them obsolete.

In this VMblog Q&A, we speak with Karl Holmqvist, Founder and CEO of Lastwall, about their innovative solution, Quantum Shield. This interview will dive into how Quantum Shield leverages post-quantum cryptography to safeguard conventional network infrastructures and explores its impact on the evolving cybersecurity landscape.

VMblog:  Tell me more about Lastwall and Quantum Shield. How does it protect conventional network infrastructures with the latest quantum cryptographic standards?

Karl Holmqvist:  Lastwall is a leading cybersecurity solutions provider specializing in highly secure, identity-centric, and quantum-resilient technologies. Lastwall's core identity platform has been deployed with the US Dept. of Defense since 2017. Our latest innovation, Quantum Shield, is designed to protect conventional network infrastructures using the latest quantum cryptographic standards. It leverages a NIST pre-approved algorithm that integrates Post-Quantum Cryptography (PQC) into the Transport Layer Security (TLS) layer of network traffic, significantly enhancing security and ensuring resilience against emerging quantum threats.

VMblog:  How does Quantum Shield integrate Post-Quantum Cryptography (PQC) into the Transport Layer Security (TLS) layer and how does it enhance security compared to traditional methods?

Holmqvist:  Quantum Shield is a drop-in Transport Layer Security (TLS) terminator with load balancing capabilities. It replaces existing load balancers (using traditional encryption) with minimal configuration and no ‘rip and replace' cost. Once deployed, Quantum Shield immediately increases security by integrating PQC into the TLS layer using a NIST pre-approved algorithm that provides quantum-safe encryption. This integration ensures that even if a quantum computer capable of breaking traditional encryption methods becomes a reality, the data protected by Quantum Shield remains secure. By being crypto-agile, Quantum Shield can quickly adapt to new algorithms approved by NIST, maintaining forward facing compatibility and security.

VMblog:  What specific challenges do 'Steal-Now-Decrypt-Later' campaigns pose, and how does Quantum Shield address these threats more effectively than current solutions?

Holmqvist:  'Steal-Now-Decrypt-Later' campaigns involve intercepting and storing encrypted data with the intent of decrypting it once quantum computers become capable of breaking current encryption standards. By way of example, if a threat actor were to steal important operational data about a power generation facility, they would be able to decrypt that data in the coming years when a cryptographically relevant quantum computer comes online. Given that this data will probably not change over the course of the next 3-5 years, this is a pressing and urgent threat with potential loss of life consequences. If this data were protected using Quantum Shield, it would be resistant to decryption using quantum-safe algorithms, stifling the success of the malicious actor or nation state ‘Steal-Now-Decrypt-Later' campaign. Quantum Shield addresses this threat by using quantum-resistant cryptographic algorithms that are designed to withstand attacks from quantum computers. This proactive approach ensures that intercepted data remains secure right now, and in the future as new technologies become available to those seeking to execute cyber attacks. 

VMblog:  With the impending release of updated guidance from NIST on quantum-resilient algorithms, how does Quantum Shield ensure it remains compliant and adaptable to these new standards?

Holmqvist:  Quantum Shield is designed to be crypto-agile, meaning it can rapidly update its cryptographic algorithms with minimal configuration changes. This flexibility allows it to stay compliant with evolving NIST standards and quickly adopt newly approved quantum-resilient algorithms as they are released, ensuring ongoing protection against emerging quantum threats.

VMblog:  How does Quantum Shield's crypto-agile design allow for rapid updates, and what measures are in place to ensure minimal configuration changes during these updates?

Holmqvist:  The product is released with auto updates enabled by default. It has access to download both general and security updates from a private repository where Lastwall engineers publish new releases. Lastwall's customer success team is available to support users of Quantum Shield when needed with questions related to product updates, while Lastwall's security team ensures that the product remains current and secure as threats and attack vectors continue to evolve. 

VMblog:  In what ways does Quantum Shield align with and support Zero Trust principles, and how does this enhance its effectiveness in protecting against advanced cyber threats?

Holmqvist:  Zero Trust is a broad topic, and depending on the reader, the definition can vary widely. In a broad sense, the principle of Zero Trust can be interpreted as there exists no implicit trust between two parties or services until they have mutually authenticated with each other.  This authentication procedure, and especially the data contained within it, must remain confidential. If an adversary can spy on it, they could intercept credentials and potentially impersonate a legitimate user. Quantum Shield's TLS application of quantum resilient encryption keeps all data safe, including the authentication session, ensuring that any data exchanged cannot be decrypted and reused if intercepted. The integrity of Zero Trust Architecture could be compromised by threat actors using stolen, valid credentials. By ensuring encrypted data remains encrypted, Quantum Shield prevents the efficacy of these attacks and bolsters true Zero Trust Architecture.

VMblog:  Can you share any case studies or success stories from early adopters of Quantum Shield, particularly in the defense and critical infrastructure sectors?

Holmqvist:  While trial deployment and capability testing has been conducted by the US Dept. of Defense, the results are confidential. Given the increasing shift in cloud adoption and IT digitization within government, defense, and critical infrastructure groups, alongside current policy initiatives/mandates related to the implementation of Zero Trust Architecture, Multi-Factor Authentication, Quantum Resilience, and identity-centric security, Quantum Shield brings immediate value by bolstering the security of these technology transitions and deployments. 

VMblog:  What sets Quantum Shield apart from other quantum-resilient products in the market, and how do you foresee its adoption impacting the overall cybersecurity landscape?

Holmqvist:  Quantum Shield is designed to ease the ever-increasing workload of CISOs, IT administrators, and cybersecurity engineers by simplifying the process of achieving foundational data security and quantum resilience at the transport layer. Used in conjunction with other quantum resiliency products, it serves as the foundation for true end-to-end quantum protection. As a first of its kind product, Quantum Shield offers a fast, easy, and cost-effective solution for bringing enhanced security while also matching the current operational and performance characteristics of load balancers using traditional encryption. Delivered directly to customers' AWS accounts via a one-click software installation, Quantum Shield includes automatic updates, security patching, and easy certificate management enabled by default. 

The significant importance of training and deploying quantum resilient solutions grows every day as we inch closer to ‘Q-Day'; The day in which a cryptographically relevant quantum computer is available. Quantum Computers fundamentally change the underpinnings of the internet. Organizations that act now and move toward quantum resilient IT infrastructure will have a strategic advantage in operational security and forward facing threat mitigation while those who do not will experience unparalleled disruption. 

##
Published Friday, June 28, 2024 7:30 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<June 2024>
SuMoTuWeThFrSa
2627282930311
2345678
9101112131415
16171819202122
23242526272829
30123456