Loading
Quantum-Resistant Banking: A Cryptographic Transformation Strategy
4 key steps to understand risk exposure and build on it.
Quantum computing brings both opportunities and risks to banking. While it can make portfolio optimization significantly more efficient, it also threatens current cryptographic systems. This threat is real.
We know that quantum computers will be able to break encryptions currently in use by banks. Adversaries can collect encrypted data today to decrypt it later using quantum computers, a technique called "harvest now, decrypt later." This risk is particularly significant for banks, where cyber security is essential and sensitive data needs longtime protection. Different data and cryptographic systems face varying levels of risk, making it crucial to know which systems already need quantum protection today.
Banks face four main challenges in achieving quantum security:
- Complex banking systems use multiple communication protocols like SWIFT, ISO20022, EBICS, and SIC SASS, each handling different types of data with varying sensitivity levels. While some data quickly loses its value within minutes or hours, other information needs to be kept confidential for many decades.
- Adoption of modern technologies like cloud solutions, open banking platforms, and Banking-as-a-Service adds to complexity and increase exposure to cyber risks. Banks must protect both modern and legacy systems, often operating on long investment cycles.
- Regulatory efforts to manage cyber risks, like the FINMA circulars 2018/3, 2023/1 or the EU Digital Operational Resilience Act, target more comprehensive risks controls and increase the demand on banks to control their data flows.
- Market pressure from vendors offering quantum-safe solutions, with many claiming urgent importance regardless of actual risk levels.
As such it is important to build an understanding of the actual risk exposure. Which data or systems need immediate quantum protection, and which can be upgraded later.
4 key steps to build understanding and define an action plan
The following vendor-neutral assessment will guide you through the 4 key steps to build this understanding and define an action plan:
Transform this complex challenge into a structured, manageable program
By partnering with ELCA Advisory, you can transform this complex challenge into a structured, manageable program. Our approach ensures resources are allocated effectively, critical systems are protected first, and unnecessary costs are avoided. Our goal for you is a smooth transition to quantum-safe cryptography while maintaining operational efficiency and regulatory compliance.
The quantum threat is not a question of "if" but "when." With our methodology and deep understanding of banking infrastructure, ELCA Advisory provides the clarity and direction needed to secure your institution's future in the quantum age.
Patrik Schmid
Senior Engagement Manager
Patrik Schmid is a member of the ELCA Advisory Financial Services team and has over 20 years of experience in designing and implementing digital software solutions, driving business transformations, and innovation within the financial industry.