Written by
John Hewitt Jones
A bipartisan bill focused on improving the federal government’s protections against quantum computing-enabled data breaches has passed the Senate.
The Quantum Computing Cybersecurity Preparedness Act passed the House back in July and now will be signed into law by President Joe Biden. It is co-sponsored by Sens. Rob Portman, R-Ohio, and Maggie Hassan, D-N.H.
Once enacted, the legislation will require the Office of Management and Budget to prioritize federal agencies’ acquisition of and migration to IT systems with post-quantum cryptography. It will also require the White House to create guidance for federal agencies to assess critical systems one year after the National Institute of Standards and Technology issues planned post-quantum cryptography standards.
In addition, the bill will require OMB to send an annual report to Congress that includes a strategy for how to address post-quantum cryptography risks from across the government.
In a Nov. 18 memo, the White House set out the deadline and said federal agencies would be expected to subsequently provide an annual vulnerability report until 2035.
At the time, OMB said also in its memo that agencies would be required to submit to both the Office of the National Cyber Director and the White House an assessment of extra funding needed for the adoption of post-quantum cryptography within 30 days.
It added that a working group for post-quantum cryptographic systems will be established, which will be chaired by the federal chief information security officer.
The legislation passes the Senate as fears mount over significant leaps in quantum technology being made by the United States’s strategic competitors, including China, which could allow existing forms of secure encryption to be cracked much more quickly.