Monetary Authority of Singapore (MAS) Quantum Risk Advisory
On February 20, 2024, the Monetary Authority of Singapore (MAS) issued Circular No. MAS/TCRS/2024/01, titled “Advisory on Addressing the Cybersecurity Risks Associated with Quantum“. Targeted at CEOs of all financial institutions (FIs), the Advisory addresses the emerging cybersecurity challenges posed by quantum computing advancements. It warns of the potential for quantum computers to compromise widely used encryption and digital signature algorithms, thereby threatening the security of financial transactions and sensitive data managed by FIs.
Key Recommendations in the Advisory:
- FIs are encouraged to stay informed about quantum computing developments and understand their implications for cybersecurity. This includes tracking potential threats and exploring quantum security solutions such as post-quantum cryptography (PQC) and quantum key distribution. FIs should ensure that both their management and third-party vendors are aware of these issues and are prepared to support the transition to quantum-resistant solutions.
- Financial institutions should work closely with their IT vendors to evaluate and mitigate risks in their IT supply chains related to quantum threats. This involves pushing vendors to develop and eventually supply quantum-resistant solutions as they become available.
- FIs should maintain an inventory of their cryptographic assets to identify critical assets that need priority migration to quantum-resistant technologies. This involves assessing the vulnerability of cryptographic solutions currently in use and classifying IT and data assets reliant on these technologies.
- The Advisory encourages FIs to enhance the technical competencies of their staff regarding quantum security solutions and to revise internal policies and procedures accordingly. FIs should develop strategies to mitigate risks for assets that cannot immediately transition to PQC and prepare for scenarios where quantum risks materialize sooner than expected.
- Where resources allow, FIs should consider conducting proof-of-concept trials with quantum security solutions to gauge the potential operational impacts and tackle any implementation challenges.
The advisory is available here.
Quantum Upside & Quantum Risk - Handled
My company - Applied Quantum - helps governments, enterprises, and investors prepare for both the upside and the risk of quantum technologies. We deliver concise board and investor briefings; demystify quantum computing, sensing, and communications; craft national and corporate strategies to capture advantage; and turn plans into delivery. We help you mitigate the cquantum risk by executing crypto‑inventory, crypto‑agility implementation, PQC migration, and broader defenses against the quantum threat. We run vendor due diligence, proof‑of‑value pilots, standards and policy alignment, workforce training, and procurement support, then oversee implementation across your organization. Contact me if you want help.
