ISARA Corporation is building quantum computer-resistant solutions to make vulnerable hardware and software compliant with quantum safe standards. The ISARA Corporation vision is a world where consumers, enterprises and governments can benefit from the power of quantum computing with protection against quantum attacks. Below is our interview with Scott Totzke, CEO at ISARA Corporation:
Q: Scott, how would you describe ISARA Corporation in your own words?
A: ISARA is a security solutions company that offers quantum readiness planning and quantum computer-resistant products to make vulnerable hardware and software compliant with quantum safe standards. The Quantum Valley Investment (QVI) fund is ISARA’s lead investor, fully funding us since our launch in 2015. QVI’s support, as well as the extensive business experience of our executive team, has allowed us to be focused and aggressive in our R&D efforts, as well as our hiring strategies. We are 21 employees, and we’re currently recruiting security researchers, software developers, and QA analysts. To our knowledge, we are the largest company working on complete quantum resistant cryptographic solutions for easy integration into existing security protocols and systems.
Q: Why did you found ISARA?
A: Similar to the Y2K crisis, the technology industry is now facing a ‘Y2Q’ (years to quantum) challenge that has a limited timeline and requires significant work to ensure systems and information are properly protected. The massive processing power of quantum computers is such that all security that depends on existing standards is vulnerable, and most experts agree that Y2Q could be here by 2026. With all of the investment and excitement surrounding advances in quantum computing, we here at ISARA noticed that the security impacts of quantum computers were being greatly overshadowed by focus on the transformational opportunities for this new technology. We recognized that the industry needs an organization to really push the security agenda to the forefront and bring together academic researchers, standards bodies, government agencies, security experts and highly specialized, professional developers to start building new security solutions before quantum computers become a major threat. Our first product release of ‘drop-in’ quantum resistant algorithms is commercially available today to replace the algorithms that quantum computers will break. It will allow our customers to create security solutions that will protect conventional computers against quantum attack.
Q: You’ve recently released a product to help solution providers for quantum resistant security; what’s next?
A: We’re building our professional consulting services to meet the demand for quantum readiness assessments. Every day we see wider acceptance of the problem we’re solving and the need for our products. In our conversations with governments and CIOs, it’s clear that they understand the problem we’re solving and the urgency of Y2Q, and they want to engage with us now. We recognized that need when we brought our first product to market. We’re also developing additional products to add to our suite of quantum resistant security solutions, working steadily toward our next product launch in early 2017.
Q: Can you give us more insights into how you can guide customers through evaluating their quantum security risks?
A: We have the expertise to help our customers assess where they need to ensure confidentiality of data to prevent compromises that can happen today – attackers can intercept and store encrypted data (this is called ‘harvesting’) and decrypt it however many years down the road when they get their hands on a full-scale quantum computer. Customers who have a legal responsibility to protect data privacy know how devastating it could be to find they’ve fallen victim to a ‘harvest & decrypt’ attack. We can help identify where those risks exist and start upgrading their systems to prevent that happening today. We can also assess where they need to add quantum resistant authentication schemes to their security strategy, and provide the integration options that will protect them when Y2Q hits, ensuring software updates can still be trusted, signed digital documents will remain authentic, and users and machines will not be impersonated.
When you look at this problem from the perspective of a CIO managing a large, multinational organization, you get a sense of how quickly the industry needs to move. Upgrading global infrastructure is a multi-year project at this sort of scale. Depending on the complexity of an organization’s infrastructure and volume of encrypted transactions, they may already be behind in planning. Large organizations should expect to take between 3 and 7 years to address all vulnerabilities. Their vendors really need to be ensuring they have quantum safe options ready 4 years from now to begin to meet their customer demand. The flexibility of our solutions allow them to be implemented alongside existing certified encryption so that they can co-exist and offer protection now and for future use. This way, their systems will be ready in the event that quantum computing breakthroughs happen more quickly than expected.
Every customer will have unique needs – there is no one-size fits all upgrade plan, and many customers will benefit from our systematic approach that phases quantum-resistant advanced security in while giving them the option of phasing aging security standards out of their systems.
Q: What makes ISARA unique?
A: We are the first to market with a product that can make quantum resistant security a reality today across a wide range of security solutions through ‘drop-in’ quantum resistant algorithms. We pride ourselves on our rigorous, vetted process for product development, design, coding, testing and maintenance, and our senior leaders have strong experience in delivering products to customers for whom the highest security and system reliability are principal requirements. We’ve done this work of bringing innovative security solutions to market before, and we have a great deal of practice ensuring that all requirements are properly covered. This is a seasoned team; most of our 21 employees have been working in the ICT industry for many years. Our executive leadership has longstanding industry experience bringing mobile security solutions to the Canadian, UK and US governments, as well as many large commercial organizations. We have strong ties to technology companies and financial enterprises with an investment in enhancing their security posture and protecting sensitive data for their clients. Respected industry leaders such as Google, Microsoft, and IBM all have quantum computing strategies in their product roadmaps, and in the commercial solution space, there are competitors emerging, but we’re uniquely qualified to address this problem.
To learn more about the work we’re doing, read our Introduction for CIOs and contact us to talk about how to manage your quantum risk and take the first steps toward the next generation of security.Activate Social Media: