Latest news with #QuantumXchange
Forbes
18-06-2025
- Business
- Forbes
Beyond Operating Systems: Considerations For A Comprehensive Quantum Security Strategy
Antonio Sanchez is Chief Strategy Officer at Quantum Xchange, a post-quantum crypto-agility solution provider. The recent integration of post-quantum cryptography (PQC) into Windows 11 and Red Hat Enterprise Linux 10 marks a pivotal moment in cybersecurity. As quantum computing continues advancing, the industry is responding to the existential threat these powerful machines pose to our current encryption standards, which are embedded everywhere in our digital lives. However, security is an end-to-end concern, and while OS-level quantum resistance represents significant progress, it addresses only one layer of what must be a comprehensive strategy. Operating system PQC integration provides a foundation for quantum security, but several critical vulnerabilities remain unaddressed: • Enterprises maintain diverse and dynamic IT footprints. They span multiple OS vendors, versions, legacy systems, cloud services and specialized applications. A quantum-secure operating system cannot protect outdated systems or anything beyond its ecosystem. The heterogeneous environment creates security gaps that require comprehensive solutions beyond the OS layer. • Data in motion remains vulnerable. An operating system handles encryption requirements on the local machine, but those systems have to connect with other servers and clients across the network. This means your data travels across your IT footprint with varying security implementations. A quantum-secure strategy must address the entire journey. • Cryptographic agility—the ability to quickly swap encryption algorithms—requires infrastructure and planning beyond the OS on the systems. As quantum-resistant cryptography evolves, organizations need frameworks for rapid adoption and implementation of future algorithms. There are several key elements of a robust security posture that includes quantum: • Cryptographic Inventory Discovery And Management: Organizations must conduct thorough audits to identify all systems and cryptography in use. This cryptographic inventory should ideally be continuous due to the dynamic nature of IT estates. This becomes the foundation for prioritized remediation efforts. • Risk-Based Implementation: Not all data requires the same level of protection. A nuanced strategy allocates quantum-resistant resources based on data sensitivity and retention requirements. Information that must remain secure for decades demands immediate quantum protection, while short-lived data may follow a more gradual transition timeline. • Application-Level Security: Applications typically implement their own cryptographic protocols independent of the underlying operating system. Each must be individually assessed and updated to quantum-resistant standards—a process that OS-level PQC cannot address. • Key And Certificate Management: The transition to quantum-resistant algorithms necessitates comprehensive key management systems that can handle longer keys, different certificate formats and hybrid cryptographic approaches during the migration period. • Hardware Security Integration: Many organizations rely on hardware security modules (HSMs) and trusted platform modules (TPMs) for their most sensitive operations. These specialized components require quantum-resistant updates that align with broader security strategies. • Cross-Platform Standardization: Enterprise environments typically span Windows, Linux, macOS, mobile operating systems, IoT devices and other specialized systems. A comprehensive security strategy must harmonize quantum-resistant approaches across this diverse landscape. Organizations must navigate a hybrid reality where quantum-vulnerable and quantum-resistant systems coexist, sometimes processing the same data. This transition requires: • Crypto-Agile Infrastructure: Solutions designed to accommodate algorithm changes without major architectural overhauls or operational interruption. • Hybrid Cryptographic Approaches: Implementing both traditional and post-quantum algorithms during the transition, providing defense-in-depth while building confidence in new cryptographic methods. • Policy And Governance Frameworks: Updated security policies that account for quantum threats and establish governance for the transition to quantum-resistant technologies. The integration of PQC into major operating systems represents an important milestone, but it's not the destination. It signals the beginning of a broad transformation in how we secure digital assets against quantum threats. Organizations must look beyond operating system protections to develop holistic strategies addressing their entire digital footprint. As quantum computing continues its rapid advancement, the window for preparation narrows. Those who view OS-level PQC as a step in a comprehensive security evolution will be best positioned to protect their most valuable information assets in the post-quantum era. The quantum security journey extends far beyond operating system updates. It requires rethinking security architecture, implementation priorities and transition strategies. Only through this comprehensive approach can organizations truly prepare for the quantum computing revolution that lies ahead. Forbes Communications Council is an invitation-only community for executives in successful public relations, media strategy, creative and advertising agencies. Do I qualify?
Business Wire
12-06-2025
- Business Wire
Quantum Xchange Releases Virtual Container Key Management Solution for Post-Quantum Cryptography
SAN DIEGO--(BUSINESS WIRE)--Today at Cisco Live, Cisco's annual IT and communications conference, Quantum Xchange announced that its Post-Quantum Cryptography (PQC) key management solution, Phio TX ®, is now available as a virtual container. The new form factor, Phio TX-EM, is compatible with Cisco networking operating systems IOS XE, IOS XR, as well as the Nexus NX-OS operating system, which will allow Cisco networking users to harden their infrastructure and easily migrate to NIST-standard PQC with no network downtime or performance degradation. 'Our support for Cisco's SKIP protocol and network operating systems is just the latest example of how Quantum Xchange is working to offer their customers, and the market, a practical path to quantum readiness while hardening their infrastructure today,' Share Phio TX supports standard key management protocols, such as SKIP and ETSI, enabling drop-in integration without changes to existing router configurations. It is also one of the first products to receive NIST certification for the latest FIPS 140-3 cryptographic module standard and FIPS 203 validation supporting all ML-KEM algorithms for post-quantum security. Compatible with Cisco IOS XE and XR routers supporting containers such as Cisco Catalyst 8000v, NCS 540 and Nexus switches with containers, Phio TX-EM provides over-the-network provisioning, installation, configuration and distribution of Phio TX key management as an integrated process within the network itself. With Phio TX-EM, SKIP key requests are kept within the cryptographic boundary of the device, making the SKIP PQC implementation secure by eliminating the possibility of data leakage due to weakly configured external SKIP calls. Only FIPS-validated PQC key exchanges are passed between devices. Moreover, Phio TX does not rely on pre-shared or static keys. It uses ephemeral keys, dynamically generated in-memory and deleted after use. A strong symmetric key is created and travels out-of-band, independent of the encrypted data thereby avoiding harvest now, decrypt later (HNDL) and man-in-the-middle attack scenarios. Download the Phio TX-EM data sheet for a complete inventory of product features. 'Our support for Cisco's SKIP protocol and network operating systems is just the latest example of how Quantum Xchange is working to offer their customers, and the market, a practical path to quantum readiness while hardening their infrastructure today,' said Antonio Sanchez, Chief Strategy Officer at Quantum Xchange. 'Phio TX's crypto-agile features and capabilities deployed as a virtual container, offers customers choice and flexibility for meeting the unique data security requirements of their organization while easily upgrading their network infrastructure to quantum safety with zero static keys, zero downtime, and zero added latency.' Quantum Xchange demoed Phio TX and its various deployment options in the Security & Networking Village at Cisco Live, where the best and brightest minds in IT come together to learn, share knowledge, and connect. To view the presentation delivered to event attendees in San Diego, June 8-12, 2025, 'Fast Track to Post-Quantum Security' go to the Cisco Live website. About Quantum Xchange Quantum Xchange protects confidential and classified data from advances in computing and everyday cybersecurity risks. Its award-winning key management platform, Phio TX empowers organizations to bring existing IT infrastructures into the post-quantum era easily and affordably with an innovative, secure, and flexible architecture. Commercial enterprises and government agencies can leverage trusted standards for quantum-safe protection, embrace crypto-agility, and establish a cryptographic center of excellence with no network or application downtime and no performance degradation. To learn more visit
