Quantum Computing Policy

 Risking Apocalypse? Quantum Computers and the US Power Grid   By Arthur Herman & Alexander W. Butler – Hudson Institute, December 2021   Summary   This report from the Hudson Institute’s Quantum Alliance Initiative highlights the growing risk quantum computing poses to the U.S. power grid. Quantum technology, while promising, threatens to break widely used encryption methods, leaving critical infrastructure vulnerable to cyberattacks. The authors warn that state-sponsored adversaries like China and Russia may already be storing encrypted data, waiting for quantum decryption capabilities to mature.  Key Findings   Quantum Computing’s Threat to Power Grid Security   - The U.S. electric grid is heavily reliant on digital infrastructure and encryption to manage power distribution, detect cyber intrusions, and prevent unauthorized access to operational systems.   - Most current encryption standards (RSA, ECC, and AES-128) rely on the difficulty of factoring large numbers—a problem quantum computers could eventually solve in seconds using Shor’s Algorithm.   - Quantum-enabled cyberattacks could disable power plants, disrupt energy supply chains, and cause cascading failures across the economy.   State-Sponsored Quantum Threats Are Real   - China’s $15 billion quantum initiative is a major concern. The country has already demonstrated leadership in quantum communication and encryption-breaking research.   - The report raises the possibility that adversaries may already be “harvesting now, decrypting later” by stockpiling encrypted data for future quantum decryption.   - The U.S. intelligence community and National Security Agency (NSA) have issued warnings about quantum threats, yet grid operators have been slow to act due to lack of immediate financial incentives.   Post-Quantum Cryptography: The Best Defense   - The authors advocate for immediate implementation of NIST’s newly finalized post-quantum cryptographic (PQC) standards—including CRYSTALS-Kyber (ML-KEM), CRYSTALS-Dilithium, and SPHINCS+—to future-proof critical infrastructure.   - They highlight the need for government-mandated encryption upgrades across all critical industries, including utilities, banking, and defense.   - The report also suggests increasing federal funding for quantum-safe cybersecurity research and expanding public-private partnerships to accelerate deployment.   Implications for National Security & Policy Recommendations  - A Quantum-Resistant Grid is Essential: The report urges the Department of Energy (DOE), NERC (North American Electric Reliability Corporation), and FERC (Federal Energy Regulatory Commission) to mandate PQC adoption across all utilities.    - Strategic Deterrence Against Adversaries: The U.S. should accelerate its own quantum computing development to maintain an offensive edge while securing its own networks.  

⚜️Excited to announce the forthcoming publication by Columbia Law School of my article "Towards a European Quantum Act," in the Columbia Journal of European Law. This ex-ante study provides a complete blueprint for the EU's foundational 2026 quantum legislation, addressing the technology's transformative promise and significant dual-use risks. ✒️It argues for a sui generis legal framework, as quantum phenomena like entanglement and superposition defy the classical assumptions of certainty, causality, and locality that underpin our current laws—a challenge illustrated with concrete examples from healthcare, finance, cybersecurity and defense. ⚛️While quantum applications are not yet mature, the very purpose of this anticipatory governance framework is to embed our values into the technology's architecture before a governance tipping point is reached and it becomes too entrenched to change, avoiding the reactive regulatory posture that has defined previous tech cycles. 📃Building on this research, my colleague Tracey Forrest and I at the Centre for International Governance Innovation (CIGI) have developed a policy brief to translate these findings into actionable strategy. We have shared it with key leaders at the European Commission, the US Senate, policy institutions, and International Standards bodies. 🇪🇺 Our core recommendation is for a two-pillar EU Quantum Act that combines an ambitious, Chips Act-style industrial and security policy with an agile, risk-based regulatory framework grounded in the precautionary principle. Central to this is the "standards-first" philosophy—a concept from the Stanford Center for Responsible Quantum Technology that I detailed with my co-authors in Science Magazine—which uses technical standards as the primary vehicle to embed democratic values. 🌍The ultimate goal is to foster a responsible and competitive quantum ecosystem that strengthens the transatlantic alliance. On the international stage, we advocate for a global non-proliferation framework for quantum and AI WMDs, culminating in a "Qubits for Peace" initiative to ensure this technology is developed safely and ethically for the benefit of all humanity. 💡You can read the policy brief here on the website of the European Commission: https://lnkd.in/gTrpCXSK 🗽The full 80-page Columbia Law paper is available in preprint on SSRN: https://lnkd.in/gYXZrkSu … and ArXiv: https://lnkd.in/gaSTgn7A 🎓Thank you to my colleagues at Centre for International Governance Innovation (CIGI) and Stanford University for their support. cc: Mark Lemley Michael McFaul Urs Gasser Mateo Aboy I. Glenn Cohen #QuantumGovernance #QuantumTechnology #TechPolicy #Regulation #DualUse #NationalSecurity #ExportControls #AI #EU #Transatlantic #QubitsforPeace #Democracy #CIGI #StanfordRQT #ColumbiaLaw

👍 The בנק ישראל Bank of Israel has published a directive addressed to “Banking Corporations and Licensed Payment Service Providers Chairman of the Board and CEO” on requirements related to cyber risks associated to the development of quantum computing. Highlights: 👉 It is important to prepare the banking system for information security and cyber risks related to quantum computing. 👉 Organizations are required, at a minimum, to: 📌 Raise awareness within the banking corporation, continuously monitor developments in quantum computing, and assess the associated cyber risks Inform all relevant parties within the banking corporation, including the board of directors and senior management 📌 This topic should be discussed periodically in line with technological developments, at least once every two years, and include a review of general developments in quantum computing 📌 Continuously monitor ongoing developments in quantum computing that may impact cyber defense 📌 Integrate quantum computing considerations into the cyber risk management process with the supply chain 📌 Avoid reliance on suppliers and manufacturers that are not preparing for the quantum era 👉 Mapping and Managing Encrypted Information Assets 📌 Map encrypted information assets and processes (Discovery and inventory) 📌 Create a transition plan 📌 Metadata to include in the inventory: - Type of encryption algorithm and key length - Information owner’s details - Systems and applications using the algorithm - Duration for which the encrypted information is valid and must remain encrypted - Sensitivity and criticality level of the information 👉 Development of skills and capabilities 📌 Start preparing to build an infrastructure that will enable the banking corporation to be adequately prepared: 📌 Train employees 📌 Define the resources that will be needed 📌 Assess the compatibility with PQC of the existing infrastructure 📌 Prepare for the transition 📌 Identify affected policy documents and procedures, and plan to update and validate them 📌 Define alternative solutions for cases where systems cannot be converted Organizations are required to develop an initial plan addressing these points. The plan should be discussed by the board of directors and management. 📅 This preparedness plan should be submitted to the Banking Supervision Department within one year from the date of the directive (January 7th, 2025).   This directive reminds the advisory published by the Monetary Authority of Singapore (MAS) on February 2024, although it is more execution oriented, including a deadline. Bank of Israel directive: https://lnkd.in/dQj-dyce MAS advisory: https://lnkd.in/dSbpTuYK #cybersecurity #pqc #quantum #cryptography

Policy Consulting White Paper by GGI Fellows under the Council on Sustainable Development - Quantum Computing and Artificial Intelligence: A Comparative Analysis of Growth, Governance, and #Policy Challenges Global Governance Initiative is delighted to submit this white paper to the Ministry of Electronics and Information Technology- This document focuses on AI’s contrasts with QC’s nascent but geopolitically strategic development. By collaborating with stakeholders and utilizing data-driven strategies, GGIians proposal including- 1. integrated regulation, 2. post-quantum cryptography, 3. workforce development, and a 4. global quantum governance body. Author: Sam Chalyanth, and Shreya Goyal Mentor: Karan Patel https://lnkd.in/fviffWw

🏦 𝗚𝟳 𝗮𝗱𝘃𝗶𝘀𝗲𝘀 𝗮𝗰𝘁𝗶𝗼𝗻 𝘁𝗼 𝗰𝗼𝗺𝗯𝗮𝘁 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝘀𝗲𝗰𝘁𝗼𝗿 𝗿𝗶𝘀𝗸𝘀 𝗳𝗿𝗼𝗺 𝗤𝘂𝗮𝗻𝘁𝘂𝗺 𝗖𝗼𝗺𝗽𝘂𝘁𝗶𝗻𝗴 The G7 Cyber Expert Group (CEG), chaired by the U.S. Department of the Treasury and the Bank of England, released a public statement this week, highlighting the potential cybersecurity risks associated with developments in quantum computing and recommending steps for financial authorities and institutions to take to address those risks. Quantum computers, expected to emerge within a decade, could break current cryptographic methods that are used to secure financial data. The Committee recommends that financial entities develop quantum-resilience strategies now, including adopting newly released NIST encryption standards, assessing risks, and creating plans to mitigate quantum threats. 𝗙𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗲𝗻𝘁𝗶𝘁𝗶𝗲𝘀 𝘀𝗵𝗼𝘂𝗹𝗱 𝗰𝗼𝗻𝘀𝗶𝗱𝗲𝗿 𝘁𝗮𝗸𝗶𝗻𝗴 𝘁𝗵𝗲 𝗳𝗼𝗹𝗹𝗼𝘄𝗶𝗻𝗴 𝘀𝘁𝗲𝗽𝘀 𝘁𝗼 𝗮𝗱𝗱𝗿𝗲𝘀𝘀 𝘁𝗵𝗶𝘀 𝗲𝗺𝗲𝗿𝗴𝗶𝗻𝗴 𝗿𝗶𝘀𝗸: ►Developing a better understanding of quantum computing, the risks involved, and strategies for mitigating those risks. ►Assessing quantum computing risks in their areas of responsibility. ►Developing a plan for mitigating quantum technology risks. The G7 CEG encourages financial authorities to work closely with firms and other relevant parties in their jurisdiction to raise awareness of the importance of the transition to quantum-resilient technologies. You can read more below 👇 Check out 𝙌𝙪𝙖𝙣𝙩𝙪𝙢–𝙍𝙚𝙖𝙙𝙞𝙣𝙚𝙨𝙨 𝘽𝙚𝙨𝙩 𝙋𝙧𝙖𝙘𝙩𝙞𝙘𝙚𝙨 𝙖𝙣𝙙 𝙂𝙪𝙞𝙙𝙚𝙡𝙞𝙣𝙚𝙨: https://lnkd.in/dDydSP3D #cybersecurity #financialservices #quantumcomputing