Senators from the United States have sponsored a bill that would fortify national security by preparing the federal government’s defences against data breaches made possible by quantum computing. Federal agencies must actively endeavour to ensure that federal cybersecurity defences are kept up to date as quantum computers, particularly those being developed by adversaries, continue to become more potent and accessible.
The advancement of quantum computers is one of the subsequent technological frontiers, and with this promising technology comes up with new risks. As this technology advances, the national security information of the United States will remain secure, and the federal government must be prepared to address cybersecurity concerns. Senators from both parties have urged their colleagues to support the bill to strengthen cybersecurity defences and protect national security.
Quantum computing, on the other hand, will provide significant advances in computing power while also introducing new cybersecurity challenges. The bill requires the government to inventory its cryptographic systems, determine which are most vulnerable to quantum computing, and upgrade those systems accordingly.
The Quantum Computing Cybersecurity Preparedness Act would do the following:
- Require the Office of Management and Budget (OMB) to prioritise the acquisition and migration of post-quantum cryptography information technology for federal agencies.
- Instruct the Office of Management and Budget (OMB) to develop guidance for federal agencies to assess critical systems one year after the National Institute of Standards and Technology (NIST) publishes planned post-quantum cryptography standards.
- Direct OMB to submit to Congress an annual report that includes a strategy for dealing with post-quantum cryptography risks, any funding that may be required, and an examination of the transition to post-quantum cryptography standards and information technology, as well as the coordination of the entire government.
In the meantime, OpenGov Asia previously reported that determined adversaries are subjecting the industrial control systems that run the crucial energy infrastructure to increasingly serious and sophisticated cyberattacks. To avoid disruptions to the nation’s essential energy services, energy systems must be built to withstand intentional cyber intrusion, exploitation, and misuse.
Cyber-Informed Engineering (CIE) is a new method for integrating cybersecurity into the conception, design, development, and operation of any physical system with digital connectivity, monitoring, or control. It employs architectural decisions and technology controls to reduce or eliminate cyber-enabled attack vectors, or to mitigate the damage of an attack.
Furthermore, following an executive session, the U.S. Senate Committee on Commerce, Science, and Transportation announced that it has adopted the Children and Teens’ Online Privacy Protection Act and the Kids Online Safety Act.
The Children and Teens’ Online Privacy Protection Act specifies criteria for the acquisition of minors’ and children’s personal information, including information that must be disclosed to a parent or minor, as well as data subject rights such as rectification, erasure, and access.
Notably, the Children and Teens’ Online Privacy Protection Act restricts the sale of internet-connected gadgets designed for children and adolescents unless specific cybersecurity and data security requirements are met.
Similarly, the Kids Online Safety Act establishes standards for covered platforms concerning their duty of care and the protection of children. Specifically, the Kids Online Safety Act states that a covered platform has a duty to act in the best interest of a minor who uses the platform’s products or services and must prevent other individuals from viewing a minor’s gathered or shared personal data. In addition, the Kids Online Safety Act includes disclosure and transparency obligations.
