Sponsored by Broadcom

Quantum computing is no longer a far-off possibility. It’s advancing fast enough to threaten the cryptographic foundations that protect nearly every digital interaction today. Governments are moving, industry leaders are preparing, and regulators — including the National Institute of Standards and Technology (NIST), the National Security Agency (NSA), Germany’s Federal Office for Information Security (BSI), and the Australian Signals Directorate (ASD) — are already setting deadlines.

The question is: are you ready?

At this year’s Vanguard Security Conference, Broadcom experts broke down what quantum computing really means for mainframe security and how organizations can start preparing now. Here are the key takeaways.

Why Quantum Matters Now

• When quantum computers reach ~20,000 logical qubits, it’s estimated that they could solve today’s 2048-bit RSA encryption in just 8 hours.¹
• An expert estimates a 50% chance by 2031 that current public-key cryptography will be broken.
• Global investment in quantum computing has already surpassed $55 billion USD, with acceleration led by the U.S., China, and the European Union.²
• Attackers don’t need to wait. They can “harvest now, decrypt later” by storing encrypted data today and unlocking it once quantum power is available.

Bottom line: The shift isn’t a matter of if, it’s when. Organizations that act now will be better positioned to protect their systems, data, and reputations.

Your Quantum-Ready Playbook

Broadcom’s guidance for preparing for quantum-resistant security is clear: start building resilience today with steps that are actionable, repeatable, and scalable.³

1. Build a Clear Picture of Your Cryptography

• Pinpoint where cryptography is in use across your applications, software, and hardware.
• Create a crypto inventory of algorithms, keys, and certificates to understand where you’re most exposed.
• Prioritize high-risk areas like externally facing applications and sensitive data to guide your remediation plan.

2. Make a Plan for Post-Quantum Cryptography (PQC)

• Align with the new NIST standards: ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205).
• Plan ahead for your migration timeline, knowing that weaker algorithms will be phased out by 2030 and a full transition is expected by 2035. Some geographies are already calling for accelerated adoption, so timelines may vary by region.
• Use hybrid approaches (classical + PQC) to ensure a smooth adoption path.

3. Strengthen Systems Today While Preparing for Tomorrow

• Replace outdated algorithms like Data Encryption Standard (DES) and Triple DES (TDES).
• Move toward Transport Layer Security (TLS) 1.3 and stronger encryption practices now.
• Build crypto agility – the ability to pivot quickly as new standards and threats emerge.

Why Act Now?

Simply encrypting your mainframe data at rest isn’t enough to protect against quantum. And no, we don’t have “plenty of time” before malicious actors catch up. The technology curve is too steep, and the stakes are too high. The good news: you don’t need to boil the ocean. Start small: Map where cryptography is used in your environment. Replace outdated algorithms. Begin migrating to TLS 1.3.

Where to Go Next

Don’t wait for disruption to dictate your timeline. Quantum resilience starts now, and Broadcom is here to help.

For ongoing insights, visit the Broadcom Mainframe Blog – and watch for highlights from the Vanguard Security Conference in the weeks ahead.

1. https://www.isaca.org/resources/news-and-trends/industry-news/2024/embracing-the-future-the-quantum-computing-revolution-begins-now

2. https://www.forbes.com/sites/sylvainduranton/2024/06/26/quantum-now/

3. https://www.executivegov.com/articles/peters-blackburn-national-quantum-cybersecurity-migration-act#:~:text=The%20proposed%20legislation%20calls%20for%20a%20coordinated,to%20transition%20their%20systems%20to%20quantum%2Dresistant%20cryptography

Jessica Doherty has 21+ yrs of Mainframe experience spanning product management, customer support, and software engineering, where she gained her deep Mainframe experience from both developing and launching mainframe hardware and z/OS security products. Her career has been marked by a deep-seated passion for crafting innovative solutions that not only delight customers but also drive business growth.