How do I prepare for algorithm changes?
An organisation is crypto-agile when the security team knows all of the algorithms, keys, crypto libraries and protocols in use in their applications and infrastructure, and has a plan that would allow them to change rapidly if necessary.
There are numerous reasons why an organisation might need to change algorithm: the impending arrival of a quantum computer that can break existing asymmetric crypto, compliance rules changing as cryptanalysis advances, a new mathematical discovery, or the slow march of available computing power making previous cryptographic keylengths too short.
In this video Graham explains how you can achieve "crypto-agility" by maintaining an up to date cryptography inventory.
At Cryptosense, we have followed several of our customers as they create or upgrade their cryptography inventory. We have seen that in practice, every organization’s cryptography inventory will be a little different, depending on how and where cryptography is used relative to the business-critical functions of the organization. Indeed, successful cryptography inventory projects typically apply a different methodology to different parts of the application estate or infrastructure, in order to prioritize resources to the most important areas.
In this whitepaper, we will discuss the lessons learned from these projects and the best practice approaches that will enable you to guide your own cryptography inventory project.