HEALTHCARE PREPAREDNESS FOR QUANTUM COMPUTING- IS Y2Q OUR NEXT Y2K?

Quantum computing has been touted to bring revolutionary changes to healthcare. The technology stands to transform all corners of our industry from drug development, precision medicine to risk mitigation, synthetic data generation, robot path optimization, etc. Despite such bright promises, QC also poses serious cybersecurity threat to many healthcare organizations.

The existing encryption standards that underpin just about all our on-line exchange of information are built algorithms such as RSA or SSL/TLS. These systems make it easy for businesses to create data that can be shared by authorized users while also protecting the data from outsiders. It is nearly impossible for today’s computers to solve the math problem behind these encryptions. When healthcare companies face data breaches today, it is often because of poor implementation of cybersecurity protocols not the integrity of encryptions themselves. And now the quantum computer capable of breaking the current classical encryption systems is around the corner, creating worrying implications.

When the millennium bug was looming, we spent $200B to address the problem. The timeline for Y2K was certain but its scale was unknown. In the case of Y2Q, the situation is arguably reversed. So how should enterprises address this dilemma?

One path forward is to use quantum-powered defenses against a quantum-powered attack by deploying quantum-key distribution. But only governments and very large companies can underwrite the cost of such dedicated connections. The U.S. National Institute of Standard and Technology (NIST) is now busy identifying new classes of mathematical problems that QC can not crack. NIST hopes that within 2–3 years it can turn the right algorithm into practical software. Alphabet’s spin-out SanboxAQ, which is also focused on commercializing post-quantum cryptography, announced several partnerships in March including one with Mount Sinai Health System, which has eight hospitals and 43K employees.

The coming era of QC will undoubtedly be transformative. At the same time, as an industry we need to gird for a cryptographic transition sooner rather than later and ask ourselves how we can quantum proof our enterprise. Healthcare data is highly valued. Losing it to villains will certainly be an existential event!