Rise of the super machine; future quantum computing risks

Authored by AXA XL Global Chief Underwriting Officer, Cyber, Michael Colao

Quantum computing will change the way companies do business, how medicines are developed, our ability to tackle climate change and much more. But these powerful computers will bring with them new risks that we need to start talking about and understanding – now.

Inside the labs of MIT, and other leading global universities, scientists from the world’s largest tech companies, start-ups and top-secret government departments, are developing computers that will have the power to change the world – for the better.

Quantum computing uses quantum-mechanical phenomena to perform computations in a completely different way to the ‘classical’ computers in use today.

While our desktops and phones use ‘bits’ to create the lengthy strings of pulses of binary ones and zeros that make up the information we send, store, view and use, quantum computers use quantum bits – or quibits, that are typically subatomic particles.

Simply put, a quantum computer will be able to perform calculations exponentially faster than any classical computer in existence. There are problems today that are too difficult to solve with traditional computers that will be solvable with quantum computers – and a few problems where the opposite is true.

Opportunities ahead

Quantum computing will bring with it enormous opportunity and huge benefits for the human race and the future of the planet. It has the potential to be used in the biopharmaceutical industry to rapidly model viruses and speed up the development of drugs. It will be used for climate change mitigation, by streamlining carbon intensive processes to reduce emissions and make it more efficient and affordable to capture carbon, for example. 

Quantum computing will enable the development of new materials that can be used in manufacturing and the aerospace industries, among other things. And it will be able to dramatically speed up risk and investment calculations too. 

But, as so often with opportunity, quantum computing will bring with it new risks – some of which we may not even know about yet. And while the commercialisation of quantum computers could be anywhere from three to fifteen years in the future, it will happen, and we all need to be prepared. 

Evolving cyber risk

One of the biggest and most immediate threats will be the fact that quantum computers will easily be able to break current encryption standards. Currently, the world’s data is protected by public key encryption. This is the system that enables us to bank online and to trade with others safely.

But quantum computers, with their vastly different way of working, will easily be able to break through these encryption standards. That means that an individual could not send an e-mail without it being potentially intercepted and read. Nor could they do any online commerce, or online banking, as again, the details of the transaction could easily be read and exploited. A potential calamitous outcome could be that, for a while at least, all transactions would have to be made in cash because online systems would simply be too insecure. In an increasingly cash-free society, it is difficult to imagine how this could work in practice.

There is an opportunity to fix this issue, however. But it will take investment and time. 

Security technology

Agencies like the US National Security Agency and the UK’s Government Communications Headquarters (GCHQ) have been working on post-quantum cyber security technology in the form of classical algorithms that will be secure against quantum computers.

Implementing a change to cryptographic systems is complicated, expensive, and time-consuming. And making this change does not generate a penny of additional revenue nor save a penny of additional cost. As a result, many firms have not yet planned for this change. 

We could well end up with a scenario of ‘haves’ and ‘have-nots’ if some companies leave it too late to make the necessary investment in security. And it is vital that awareness is raised about the potential risk – and the fact that it is coming down the pipe, we just are not sure when.

It is possible that this will turn out to be a Y2K-type issue; a potential disaster that is, eventually, averted thanks to investment in technology. The Y2K scare, or millennium bug, is often referred to as a “damp squib” because the feared global computer crash did not occur. But it’s important to bear in mind that disaster didn’t happen because, eventually, once awareness of the potential crisis grew, companies invested millions upon millions of dollars in making programming fixes. 

If firms fail to make change by the time that encryption-breaking quantum computers become available, they face the risk of disconnecting from the internet, until necessary changes are implemented.

In the case of firms with data that does not materially deteriorate in value over time, there’s a risk that encrypted data may be stolen now, only to be decrypted several years in the future when quantum computing becomes available.  The value of data over time will determine how aggressively each firm will need to approach this risk.

Future ready

We encourage clients to consider what quantum computing will mean for their business models and to understand what some of the risks to them might be. There are direct cyber implications – the risk of being hacked; political risk concerns if sensitive information is vulnerable to hack; D&O; product liability and recall; and business interruption risks.

In addition, there will also be enormous opportunities for business across all sectors and for people in all walks of life, which is why it’s important to consider the impact of quantum computing ahead of time.