• About
  • Subscribe
  • Contact
Wednesday, May 7, 2025
    Login
FutureCISO
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
FutureCISO
No Result
View All Result
Home Process Compliance and Governance

PodChats for FutureCISO: How AI and quantum computing are redefining cybersecurity

allantan by allantan
March 10, 2025
PodChats for FutureCISO: How AI and quantum computing are redefining cybersecurity

PodChats for FutureCISO: How AI and quantum computing are redefining cybersecurity

Share on FacebookShare on Twitter

While offering yet-to-be-fully realised opportunities for innovation and efficiency, AI and quantum computing also present significant challenges to cybersecurity professionals and their industries.

Today, AI is used on both sides of the cybersecurity aisle. Quantum computing threatens to render current encryption methods obsolete, necessitating a rapid transition to quantum-safe algorithms.

The urgency of AI and quantum literacy

Soure: Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards, World Economic Forym 2025

Chief Information Security Officers (CISOs) in Asia must prioritise building AI and quantum literacy within their teams to navigate this evolving threat landscape effectively. While in-depth technical knowledge is not necessarily required for everyone, a solid foundation in understanding the potential of these technologies is vital.

The head of systems integration at Ensign InfoSecurity, Paul Tan, emphasises that "a strong foundation in understanding the potential of these technologies is vital for achieving the best outcomes." He cautions against viewing AI as a "one-size-fits-all solution," advocating instead for its use to maximise operational effectiveness.

Regarding quantum computing, Tan stresses the importance of "proactive planning and sufficient knowledge to understand the consequences of quantum cryptography in systems, as it extends beyond encrypted data to core security infrastructure." Staying ahead requires a commitment to continuous learning and adaptation.

AI: A double-edged sword

AI is a double-edged sword in cybersecurity. On the one hand, it offers powerful tools for defenders, levelling the playing field against attackers. Security teams can leverage AI to monitor network behaviour, enhance threat detection, and streamline incident response. AI can also automate tasks like threat triage by comparing threats against intelligence feeds and recommending response strategies.

However, AI is not without its limitations. Tan posits that "full automation in AI remains a work-in-progress due to limitations in action points." Moreover, attackers increasingly exploit AI for malicious purposes, including deepfake scams, phishing attacks, and creating polymorphic malware that can evade traditional defences.

Organisations must invest in advanced, AI-powered security solutions that proactively counter evolving adversarial tactics," recommends Tan.

Ensuring robustness and resilience of AI defences

One key challenge in leveraging AI for cybersecurity is ensuring the robustness and resilience of AI-driven security systems against adversarial attacks, such as data poisoning. Data poisoning involves injecting malicious data into an AI model's training set, causing it to make incorrect predictions or take undesirable actions.

To mitigate this risk, CISOs should prioritise data integrity within their organisations by sanitising the data points used to train AI models.

Paul Tan

"CSOs should prioritise data integrity within organisations by sanitising the data points where AI models have been instructed and distributed while ensuring AI models are trained on informed decision-making to remain effective." Paul Tan

 He also emphasises that "AI should not replace traditional cybersecurity measures but should complement them."

Related:  Bringing biometrics and mobile credentials into the security practice

Transitioning to quantum-safe cryptography

The advent of quantum computing poses a fundamental threat to current encryption methods. Designed for computing needs outside of general-purpose applications, Quantum computers, with their ability to perform complex calculations far beyond the reach of classical computers, could break many cryptographic algorithms that currently protect sensitive data. This necessitates a transition to quantum-safe cryptographic (PQC) algorithms.

The timeline for this transition will vary depending on the organisation's ecosystem and the availability of resources. Tan recommends that "the most critical first step is to classify data by recognising what is genuinely sensitive and what is not to ensure long-term protection using post-quantum cryptographic (PQC) algorithms is guaranteed."

Organisations should protect and secure backups and storage while following standards set by organisations like the National Institute of Standards and Technology (NIST). Local initiatives, such as those launched by Singtel and IMDA in Singapore, can also provide valuable guidance and support.

The "Harvest Now, Decrypt Later" threat

The threat of "harvest now, decrypt later" is a significant concern in the age of quantum computing. This scenario involves malicious actors collecting encrypted data today to decrypt it in the future when quantum computers become powerful enough to break current encryption algorithms.

Organisations must proactively transition to PQC standards to protect their data and address this threat, even as quantum computing becomes more advanced and accessible. Tan explains, "What organisations can do is shift their focus and transition to PQC standards to protect their data, even while quantum computing becomes more advanced and accessible."

Managing expectations and ensuring compliance

CEOs' and business unit leaders' high expectations for AI and quantum computing can also impact the CISO's role. CISOs must manage these expectations while integrating these technologies into operations and ensuring regulatory compliance.

AI and quantum computing create more sophisticated attack vectors, increasing business risks. CISOs must lead cultural shifts towards quantum resilience, translating cyber risks into business impacts for the C-suite. At the operational level, they must guide AI adoption, ensure AI defends against AI, and protect encryption against quantum threats.

CISOs must also stay on top of emerging regulations, investing in upskilling teams on AI security and quantum risk mitigation. Their role is to prepare the organisation for future challenges, balancing innovation with security to ensure long-term resilience.

Related:  Conversational scams jumped 1,200% in 2022

Advice for CISOs in 2025

CISOs in 2025 face a complex and rapidly evolving cybersecurity landscape. To succeed, they must embrace AI and quantum computing while remaining vigilant about the risks they pose.

Tan offers the following advice for CISOs: "CSOs are not alone in the struggle amidst emerging technologies; acknowledging the power to leverage these developments is mandatory." He emphasises the importance of embracing these advancements, as adversaries are already utilising these platforms.

However, CISOs must also be able to discern between genuine solutions and hype. They need to identify the best and most operationally effective solutions based on their specific environment, despite the many security products claiming to provide the best solutions available.

Click on the PodChat player to listen to Tan's view on how AI and quantum computing are redefining the cybersecurity landscape and the profession.

  1. Given that AI and quantum computing are rapidly reshaping the cybersecurity landscape, what immediate steps should CISOs in Asia take to ensure their teams possess the necessary AI and quantum literacy to navigate this evolving threat environment?
  2. In what ways are you observing AI being leveraged by both cybersecurity defenders and malicious actors, and what proactive measures can CISOs implement to stay ahead of these dual-use applications?
  3. Considering the potential vulnerabilities of AI-driven security systems to adversarial attacks like data poisoning, what strategies can CISOs employ to ensure the robustness and resilience of their AI defences?
  4. As quantum computing threatens to render current encryption methods obsolete, what is your recommended timeline for organisations to transition to quantum-safe cryptographic algorithms, and what are the key challenges in implementing these systems?
  5. With the advent of quantum computing, how should organisations reassess their strategies for protecting sensitive data against "harvest now, decrypt later" attacks, and what role does post-quantum cryptography play in this? Hybrid cryptography
  6. How do CEOs' and business unit leaders' high expectations for AI and Quantum computing impact the CISO's role in managing expectations, integrating these technologies into operations, and ensuring regulatory compliance?
  7. Let's recap: given what we know about AI and PQC, what is your advice for CISOs in 2025?
Tags: Artificial IntelligenceEnsign InfoSecurityPodchatspost-quantum cryptographyQuantum Computingquantum cryptography
allantan

allantan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • Reimagining security for the AI Era
  • PodChats for FutureCISO: Articulating the business value of security in 2025
  • New standard for cybersecurity at the storage layer
  • Cybersecurity challenges persist despite improved defenses
  • Weak password reuse crisis remains

Categories

  • Blogs
  • Compliance and Governance
  • Culture and Behaviour
  • Cybersecurity careers
  • Data Protection
  • Endpoint Security
  • Incident Response
  • Network Security
  • People
  • Process
  • Resources
  • Risk Management
  • Technology
  • Training and awarenes
  • Videos
  • Webinars and PodChats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCISO serves the interests of the Chief Information Security Officer (CISO) and the information security profession. Its purpose is to provide relevant and timely industry insights around all things important to security professionals and organisations that recognize and value the importance of protecting the organisation’s data and its customers’ privacy.

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
Login

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl