Quantum Computing Lectures: Cybersecurity

Harvard Video on Cyber Risk

Quantum computing is a rapidly maturing technology that could soon give us the ability to solve valuable problems that are intractable to classical computation.

However, some of those problems form the basis of the world's most widely-used security protocols—meaning we need updated, "quantum-safe" cryptography to protect our data. In this video, the core principles of Quantum Safe are explained. 

In July of 2022, NIST identified four quantum safe standards that organizations can start using.  They  are Lattice-Based Cryptography, Code-Based Cryptography, Hash-Based Signatures and Multivariate Public Key Cryptography.

In this video, the types of hackers and the taxonomy of the motives, skills and techniques that define them are presented.

"Know your enemy" is the first step of defense, and in the case of hackers, it will help inform your security strategy.

• Who are the bad guys?
• What do they do?
• Why do they do it?

The bad guys are trying to break into your IT system: They've got tactics, techniques, and procedures (TTPs) they deploy. What about the "good guys" in security? They need a strategy to defend and respond, which starts with better understanding the enemy, in this case, intruders/hackers.

In this video, the MITRE ATT&CK framework is presented; it defines nomenclature for classifying and describing cyberattacks and intrusions, as well as the TTPs behind them, so you can "know your enemy".

You've probably heard the term ransomware used recently in the news. Between the Colonial Pipeline attack, attacks against local governments, school systems, etc., ransomware is everywhere in the news these days.

But what is ransomware? How does it work? How can you protect yourself from it? 

This video discusses how ransomware can affect both your personal local machine, as well as a large enterprise, and what you can do to defense yourself against malicious attacks.

What overall trends have we seen in the past year in cybersecurity?

What can we look forward to in cybersecurity, threats as well as good things that can occur?

What role will AI, deep fakes, and quantum computing play going forward?

Data Breach - the cost continues to be in excess of $4 million per incident

Ransomware and Multi-Factor Authentication (MFA) will continue to play key roles in IT security

Expect an increase in attacks for Internet of Things

Adversarial AI: An AI system would be able to maybe design new types of attacks to get into systems

Denial of Service attacks are one of the many tactics malicious actors may use. 

 Jeff Crume explains the different types of DoS attacks and what kind measures can be taken to mitigate the threat posed by these kinds of attacks. 

Ever wondered how HTTPS actually works - or public key infrastructure, or symmetric and asymmetric cryptography?

• Public Key Infrastructure (PKI): PKI is a way of governing encryption keys through the issuance and management of digital certificates 
  

Data is the lifeblood of an IT system. It's intellectual property & sensitive customer information.

The "bad guys" want it, so how do you protect your data? A 6 step process for creating a data security strategy:

• Governance: data security policy, classification, catalog, resilience
• Discovery: where the information is at
• Protection: encryption, key management
• Compliance: regulation, retention
• Detection: monitoring, analytics
• Response:

Break Encryption

Store Now - Decrypt Later 

Symmetric Key Algorithm