Quantum Computing’s Latest Breakthrough: Why Government Encryption Standards Face a New, Unexpected Threat

Posted on by Harvey Morrison

Last week, international scientists made headlines by successfully cracking a 50-bit RSA encryption integer using D-Wave’s Advantage quantum computer. While it’s true that a 50-bit key is vastly smaller than the 2048-bit keys used in modern RSA encryption, the significance of this achievement lies in how it was done. Unlike traditional attacks based on Shor’s algorithm and quantum gate computers, the researchers utilized a quantum annealing system, designed for optimization rather than direct factoring. This shift in approach raises important questions about the timeline for when quantum computers could crack full-scale RSA encryption, potentially accelerating the threat to current cryptographic standards far sooner than expected.

Marion Square Quantum Computing and Cybersecurity Blog Embedded Image 2024

For years, the vulnerability of public key encryption has been understood primarily as a factoring problem, since the security of encryption algorithms like RSA relies on the difficulty of factoring large composite numbers. Shor’s algorithm, widely regarded as the most probable path to breaking public key encryption, is designed specifically to factor these numbers exponentially faster than classical methods, posing a significant future threat to encryption systems. However, in a surprising turn, the international researchers in this recent attack used a quantum annealing computer, which is designed for optimization tasks, not factoring. This innovative approach represents a completely different method of breaking RSA encryption, highlighting that the threat from quantum computing may emerge from unexpected directions, advancing the risk timeline beyond what many experts anticipated.

This breakthrough also underscores the growing versatility of quantum annealing in solving problems once thought exclusive to gate-based quantum computers. Traditionally, annealing systems have been seen as ideal for optimization problems in fields such as logistics, material science, and machine learning—not for cryptographic attacks. However, the international researchers effectively re-framed RSA decryption as an optimization challenge, unlocking new potential in quantum annealing. While quantum annealing computers like D-Wave’s systems were not originally designed for factorization tasks, this achievement raises important questions about their ability to scale to larger key sizes and tackle more complex encryption algorithms. If quantum annealing can be adapted for cryptography at higher levels, it could potentially shorten the timeline for when quantum computers might become a real-world threat to encryption standards. Though hurdles remain, this new approach widens the scope of quantum threats to cryptographic systems, showing that the race to quantum-safe encryption may need to accelerate.

In conclusion, this breakthrough in quantum annealing highlights the increasing urgency for federal agencies to prioritize their post-quantum encryption (PQE) transition. The rapid evolution of quantum computing, coupled with the potential for new cryptographic vulnerabilities, underscores the need to meet the milestones set by NSM 10 and OMB 23-02. Agencies that have not yet initiated or fully engaged in this process risk falling behind as quantum advancements accelerate. The time to act is now—establishing cryptographic leadership, conducting comprehensive inventories, and securing appropriate resources are critical first steps. Preparing today will ensure the resilience of federal systems in a quantum-enabled future.

To learn about the latest standards set forth by NIST and how Marion Square can support your Quantum Computing and compliance initiatives, view our webinar, “Mastering NIST PQE Standards: A Guide for Federal Compliance.”

Equipping a Cybersecurity Innovator to Succeed in the Government Market

Posted on by Harvey Morrison

Nothing succeeds like success. And nothing hampers long-term results more than an inability to achieve quick wins.

If you’re entering an unfamiliar market, don’t know where to begin, and can’t seem to gain traction, you have few accomplishments to build on and no clear path forward. If, on the other hand, you have verifiable market intelligence, a time-tested go-to-market strategy, and a proven execution playbook, you’re well on your way to achieving positive, repeatable outcomes.

That was both the challenge and the opportunity for CloudCover, a promising provider of cyber solutions. CloudCover is unique in that it’s both a cybersecurity innovator and an insurtech trailblazer, combining robust cyber safeguards with effective risk management.

With U.S. government organizations spending close to $19 billion, a year on cybersecurity, CloudCover recognized an opportunity to target the public sector. But as the company discovered, pursuing government contracts can be complex, time-consuming and costly. It requires accurate market intelligence, connections with the right decision-makers and contracts, and a clearly defined sales plan.

Fortunately for CloudCover, Carahsoft recognized the up-and-comer’s unique potential and connected it with Marion Square. Carahsoft and Marion Square are now empowering CloudCover with a detailed market assessment, go-to-market plan, and playbook for winning in the government space.

Cyber Innovations to Benefit Government

CloudCover’s CyberSafety CC/B1 Platform provides intelligent threat management delivered in a platform-as-a-service (PaaS) model. With automated security assisted by artificial intelligence (AI), the solution offers millisecond detection speed, 99.9999999% verified accuracy, and “firewall everywhere” orchestration.

But what makes CloudCover really stand out is that it has created a new market category: end-to-end network cybersecurity plus insurance. The company’s CyberSafety Insurance Coverage portfolio includes a ransomware warranty, a cyber liability and business interruption product, and a network data insurance offering. Coverage is based on risk scores generated by its CyberSafety Registry service.

CloudCover knew its offerings could benefit agencies. But it faced two challenges. First is that there are dozens of smaller cyber providers vying for a piece of the market. Second is that it lacked a reliable gameplan for identifying government contracts and connecting with government stakeholders.

That’s where Marion Square comes in. Carahsoft and Marion Square recently announced a partnership, to provide market intelligence to emerging-tech companies. Through a shared-cost model, companies in Carahsoft’s emerging-tech portfolio can work with Marion Square to complete a market assessment that identifies product fit and growth opportunities.

Homing In on the Right Opportunities

While CloudCover’s offerings are unique, the challenges it faces are not. Many smaller vendors have limited resources for business development and few contacts in the public sector. They might send out thousands of untargeted emails or hold meeting after meeting with prospects, but no business results from their efforts.

Marion Square takes a more effective and refined approach based on decades of proven success. We started by working closely with CloudCover to understand its offerings and business model. We then canvassed the marketplace to identify the best opportunities and the most effective ways to pursue them.

Next, we provided CloudCover with a plain-English market assessment that would give the company a clear, pragmatic road map to success. We identified opportunities for both shorter-term quick wins and longer-term strategies to invest in over time.

For example, in the long term the company plans to pursue contracts with larger federal agencies. But in the short term, its biggest opportunities lie in the state, local and education (SLED) market. Many of these organizations have had challenges with cybersecurity that make it difficult to obtain cyber insurance. CloudCover’s approach, combining intelligent threat management with insurance based on a cyber risk score, offers an attractive solution.

Custom-Tailored for Maximum Success

While Marion Square’s market assessment framework is built on proven best practices, we tailored the approach to CloudCover’s unique needs – as we do for all clients. That’s crucial, because not every vendor should enter the government market in the same way.

In fact, there are cases when we determine there are no current opportunities for a vendor in the space they’ve been targeting. In those situations, we advise on the most effective steps to break into a different market. That might mean targeting the Department of Justice instead of the Department of Defense, for example, or first achieving FedRAMP certification. The goal is to focus resources on the efforts most likely to derive outcomes.

CloudCover now has a well-defined sales execution plan. Marion Square holds a sprint call with the company every week to make sure it’s executing to plan and tracking opportunities. Carahsoft is adding value by leveraging its vast business network to connect the company with agencies and contracts. For CloudCover, long-term success will come over time. But at least it now has the tools to start succeeding.

Contact us today to speak to a member of the Marion Square team to learn more about leveraging this partnership to meet your organization’s initiatives.

Why Government Agencies Must Embrace Tomorrow’s Technologies – and Technology Providers – Today

Posted on by Michael Shrader

A good technology is one that meets your needs today. A better technology is one that future-proofs your organization for tomorrow. Many government agencies learned this fact when the Covid-19 crisis required them to pivot practically overnight to remote work and contactless services.

It’s understandable if your agency feels safer continuing to rely on the technology that served you well in the past. But your mission, the needs of your constituencies, and your operational challenges continue to evolve. It’s imperative that you keep your finger on the pulse of the emerging technologies that will serve you going forward.

It’s equally important to stay up to speed on the emerging-tech companies that are delivering cutting-edge solutions. Why? Because emerging-tech companies have the agile mindsets and business models to help you anticipate and respond to the challenges your agency will face in the future.

The Advantage of Ecosystem

Established IT providers can offer proven solutions. But they’re also incentivized to focus on keeping legacy technologies relevant and continuing to offer what sells today rather than what will drive your agency forward tomorrow. Similarly, they tend to match in-quarter investments to in-quarter results, rather than take risks on out-of-the-box innovations.

In contrast, emerging-tech companies are more likely to innovate without worrying about existing revenue streams or this quarter’s revenue projections. Likewise, they’re more in tune with future technology road maps and more responsive to quickly changing market dynamics.

Many emerging-tech companies are innovating around two technologies becoming increasingly important for government agencies: cybersecurity and artificial intelligence (AI).

Cyber threats are evolving at a dizzying pace. New threats, along with new threat actors, seem to emerge almost daily. Cybersecurity has become an arms race, and high-profile data breaches, executive orders and regulations continue to drive the need for agencies to invest in the latest and most effective cybersecurity protections.

On the AI front, organizations are collecting data at an escalating pace compared to even a couple of years ago. Agencies will require advanced machine learning (ML) capabilities to catalog and process that data for trend analysis, predictive analytics, and actionable intelligence.

The good news is that a lot of innovating is taking place in both cybersecurity and AI, and a lot of innovative companies are entering the market. These companies are developing new capabilities and spinning up new use cases to help agencies reduce risk and vulnerabilities, and make intelligent, data-driven decisions.

But making use of new point solutions can be a challenge. That’s why it’s important to look at emerging tech on more than a product-by-product basis. Instead, consider how each solution fits into a broader ecosystem. Many new technologies complement one another and fit together like puzzle pieces to create a larger solution. Approaching emerging tech as an ecosystem can enable you to identify and implement the solution you need faster and with a lower total cost of ownership (TCO).

Partnering for Emerging-Tech Intelligence

As part of our commitment to the public sector, Carahsoft recently announced a partnership with Marion Square to provide market intelligence to emerging-tech companies. Marion Square is a government-focused consulting firm that helps companies serving the public sector improve sales and growth.

Taking advantage of a shared-cost model, companies in Carahsoft’s emerging-tech portfolio can work with Marion Square on an initial market assessment to identify product fit and growth opportunities. These companies get information about the competitive landscape, relevant funded projects, and points of contact for these projects. This information helps them build their go-to-market plans.

A key aspect of the program is that it’s not one-size-fits-all. Instead, it’s custom-tailored to each company’s technology offering. In this way, we’re bringing government agencies the best technologies to meet their unique needs.

Serious About Serving the Public Sector

Building a program of this nature requires expertise in the public sector market and a commitment to providing government organizations with the most effective technology tools. We start by seeking out emerging-tech companies that don’t just try to build a better mousetrap. Instead, we look for innovators that have identified a use case that solves a unique but repeatable problem for a set of government customers.

In addition, we look for companies that are serious about serving the public sector. We know they’re serious if they’re investing in the staff, operations, and technology necessary to properly serve the market.

Carahsoft also offers a range of services to bring together companies with the agencies that can benefit from their solutions. For emerging-tech companies, we provide access to our network of value-added resellers and prime contractors. We also offer resources for marketing, demand generation, and lead identification and qualification. These value-adds are built on best practices and provided at scale, making them much more cost effective than if the companies were trying to handle these activities themselves.

In addition, we help eliminate barriers to market entry by giving customers access to our network of contract vehicles required to do business with the government. These include Governmentwide Acquisition Contracts (GWACs), Information Technology Enterprise Solutions (ITES), Second-Generation IT (2GIT) and Solutions for Enterprisewide Procurement (SEWP), as well as dozens of state and local contract vehicles.

In short, we enable organizations to connect with the best providers of the best solutions that solve the problems they need to solve. Agencies get access to solutions that address the issues they deal with today. Even more important, they can start to understand the technology that will meet the challenges they’ll face in the future.

Visit our website for more information on how Carahsoft can support your organization’s mission-critical technology needs.