-
Eye on
CYBER SECURITY
Cyber4Z in short
Cyber4Z started in 2015 with two specialists experienced in the cybersecurity domain. We now have a team with various capabilities in the field of strategic and tactical design of cyber security, IT, Privacy and Blockchain technology.
In addition, we are involved in technical and tactical implementations of complex security challenges that focus on the acceptance of new technologies in a pragmatic way. With our expertise and experience, we can guarantee the business objectives of our clients. These are widely determined by laws and regulations, customer requirements and rules of compliance.
Who are we?
Our team consists of certified professionals. Quality is our top priority. The technical and tactical implementations we deliver from the strategic design can be externally certified against the ISO9001, ISO27001, NEN7510 or other standards. Therewith we can have our quality tested externally as well. In addition, we provide operational knowledge when it comes to technical security assessments such as penetration tests, project management, SOC / SIEM propositions with connecting services such as log management, vulnerability and compliance management, patch management, training in the field of privacy, security and blockchain technology.
More about Cyber4ZOur clients
Monthly Cybernote: December 2024
AIVD, CWI and TNO present updated manual for quantum-safe encryption
The General Intelligence and Security Service (AIVD), Centre Math & Computer Science (CWI) and TNO have published a renewed manual for the transition to quantum-safe encryption. The first edition was published over a year and a half ago. The second edition contains, among other things, more concrete advice for finding cryptographic components, assessing quantum risks and setting up 'cryptographic agility'.
The manual can be found here here.
Quantum computers will likely have enough computing power to crack many of the most widely used encryption algorithms by 2030 to 2040, experts say. Although “Q-Day,” the day when quantum computers will crack current encryption standards, is still years away according to these estimates, there is already a risk that attackers could intercept encrypted data and crack it later with a quantum computer. The US government recently warned that malicious actors are already working on a ‘store now - decrypt later’ strategy.
Switching to a new encryption algorithm can take a long time. “That is why organizations that work with important encrypted information, such as state or company secrets, must already start working on the transition to a quantum-safe environment,” according to the AIVD. The manual should help organizations to identify risks and work on a migration strategy, using the knowledge that has been gained since the first edition. The manual follows a three-step plan to mitigate the quantum threat: diagnosis of quantum vulnerability, planning and execution.
The AIVD, CWI and TNO advise organisations to start now with a so-called cryptographic inventory, to get an overview of all the cryptography used. Furthermore, the manual shares practical experiences around the migration and contains the new advisory tool PQChoiceAssistant, an open source tool that should help companies choose a Post-Quantum Cryptography (PQC) method.