Are you ready for the day your encryption fails silently? Quantum Ready is not just a warning; it's a field guide for the era of quantum disruption. As quantum computing accelerates toward the threshold where today's encryption becomes obsolete, organizations must prepare now or risk a catastrophic breakdown in digital trust. Written by one of the world's first Field CISOs, this book delivers a strategic, vendor-neutral roadmap for CISOs, security architects, and IT leaders responsible for protecting long-term data and infrastructure. It introduces the Q-Ready Framework, a comprehensive…mehr
Are you ready for the day your encryption fails silently? Quantum Ready is not just a warning; it's a field guide for the era of quantum disruption. As quantum computing accelerates toward the threshold where today's encryption becomes obsolete, organizations must prepare now or risk a catastrophic breakdown in digital trust. Written by one of the world's first Field CISOs, this book delivers a strategic, vendor-neutral roadmap for CISOs, security architects, and IT leaders responsible for protecting long-term data and infrastructure. It introduces the Q-Ready Framework, a comprehensive five-phase approach to discovering, prioritizing, migrating, validating, and sustaining quantum-safe cryptography across the enterprise. In this hands-on guide, you'll learn how to: * Identify where vulnerable cryptography lives in your environment * Evaluate business impact using real-world risk models like Mosca's equation * Design migration and testing plans tailored to your infrastructure * Replace RSA, ECC, and other algorithms with NIST-approved quantum-safe alternatives * Apply post-quantum cryptography to TLS, VPNs, code signing, and IoT * Build crypto-agility into your systems, teams, and governance With practical checklists, actionable advice, and insights from hundreds of field engagements, Quantum Ready goes beyond theory and into the trenches. Whether you're already on your migration journey or just beginning to assess the threat, this book will prepare you to lead with confidence through one of the biggest shifts in cybersecurity history. The clock is ticking. Read now, and be the reason your organization is still trusted tomorrow.
Author Walt Powell, an experienced Executive Coach, and CISO Advisor, who has extensive experience working with countless CISOs and developing cybersecurity programs. Walt helped pioneer the role of Field CISO and is a founding member of the Global Security Strategy Office at CDW. Walt now leads a team of Field CISOs, composed entirely of former executives, who bring a wealth of experience and knowledge to their clients, underpinned by unique insights gained from contributing to and learning from the strategies of hundreds of CISOs & CIOs across every size of organization and vertical. Walt and his team leverage this wealth of knowledge and experience to provide executive coaching, support, and mentorship, to elevate other CISOs, their programs, and organizations. Sharing lessons and providing strategic guidance that would typically take several careers to acquire. Prior to his role at CDW, Walt was the owner and vCISO at Left Brain Security, which is now Left Brain Security Media. He has served as an award-winning cybersecurity leader, advisor, architect, pre-sales engineer, and has also served as a professor of networking and security at Wright College. Walt firmly believes in the importance of giving back to the industry, which is why he taught CISSP and CISM boot camps and contributes as a certification exam development committee member for numerous organizations. He holds an impressive array of professional certifications, including CISSP, CISM, C CISO, Carnegie Mellon CISO, the Stanford Advanced Cybersecurity Certificate, and numerous technical and sales certifications from leading cybersecurity firms. Walt also leads a cybersecurity book club, which is being launched as a podcast. Walt Powell is also the author of The CISO 3.0: A Guide to Next-Generation Cybersecurity Leadership, which is a practical guide for cybersecurity leaders looking to evolve into strategic business partners, offering tools, insights, and real-world examples to align security with enterprise goals and board-level priorities and reflecting Walt's mission to elevate the role of the CISO beyond technical execution. A proud Mensa member and futurist, Walt is deeply invested in exploring the implications of emerging technologies on cybersecurity. He actively contributes to the cybersecurity community by writing and speaking at industry conferences such as BSides, CypherCon, and Crowdstrike Fal.con, sharing white papers, and authoring articles on critical security topics. Beyond his professional life, Walt is a former professional musician and multi-instrumentalist who cherishes spending quality time with his children, traveling, and learning new languages.
Inhaltsangabe
Forward. Acknowledgements. About the Author. AI Usage. Preface. P.1 A Brief Primer on Cryptography and Its Building Blocks. P.2 Let's Begin. Introduction: Executive Summary and Overview. I.1 Why This Matters to Executives. I.2 Understanding the Risk in Business Terms. I.3 Why Now?. I.4 What Needs to Be Done. I.5 Executive Communication Toolkit. I.6 Final Thought for the Boardroom. SECTION I - INTRO TO QUANTUM READINESS. Chapter 1 - Why Quantum Threats Can't Be Ignored. 1.1 What This Book Will and Won't Cover. 1.2 A New Kind of Computing. 1.3 What Is Q-Day?. 1.4 Harvest Now, Decrypt Later. 1.5 Reframing the Risk: It's Not Just Data, It's Trust. 1.6 Conclusion. Chapter 2: How Quantum Breaks Encryption. 2.1 Classical vs. Quantum: The Basics. 2.2 Understanding Symmetric and Asymmetric Encryption. 2.2 Shor's Algorithm: Breaking RSA and ECC. 2.3 Grover's Algorithm: Weakening Symmetric Encryption. 2.4 Real Experiments: Demonstrating the Trajectory Toward Q-Day. 2.5 Conclusion. Chapter 3 - The Mosca Model and Why Time Is Not on Your Side. 3.1 Understanding the Model. 3.2 Applying the Model in Practice. 3.3 Are You Already Vulnerable?. 3.4 Conclusion. Chapter 4 - Overview of the Q-Ready Framework and How to Use This Book. 4.1 Why a Framework Is Needed Now. 4.2 Introducing the Q-Ready Framework. 4.3 Alignment with National Standards and Best Practices. 4.4 How to Use This Book. 4.5 What to Expect Next. SECTION II Phase 1: Discovery. Chapter 5 - Inventory Your Cryptographic Assets. 5.1 The First Step: Know What You Have. 5.2 What to Look For. 5.3 Beyond the Inventory. 5.4 Conclusion. Chapter 6 - Assess Quantum Vulnerabilities. 6.1 Evaluating Algorithm Risk. 6.2 Mapping Crypto to Data and Exposure. 6.3 Understand the System Landscape. 6.4 Threat Patterns to Watch For. 6.5 Step-by-Step: How to Perform a Vulnerability Assessment. 6.6 Building a Risk Profile. 6.7 Conclusion. Chapter 7 - Prioritize Critical Systems. 7.1 What Matters Most. 7.2 Risk, Sensitivity, and Exposure. 7.3 Building a Prioritization Model. 7.4 Assigning Resources and Timelines. 7.5 Step-by-Step: How to Prioritize Quantum Cryptographic Asset Vulnerabilities & Remediations. 7.6 Conclusion. SECTION III Phase 2: Planning. Chapter 8 - Develop a Migration and Testing Plan. 8.1 Creating a Post-Quantum Cryptography Policy. 8.2 Build a Migration Plan. 8.3 Define Crypto-Agility. 8.4 Key Components of a Migration Strategy. 8.5 Quantum Readiness Maturity Model. 8.6 Using Technical Readiness Levels (TRLs) to Prioritize Migration. 8.7 Develop a Testing Plan. 8.8 Conclusion. Chapter 9 - Engage Stakeholders and Secure Buy-In. 9.1 Start with Alignment, Not Awareness. 9.2 Business and Financial Planning for PQC. 9.3 Create a Post-Quantum Steering Committee. 9.4 Stand Up a Crypto Center of Excellence. 9.5 Designate a Champion: The PQC Czar. 9.6 Facilitate Cross-Functional Task Forces. 9.7 Make Quantum Readiness Part of the Culture. 9.8 Organizational Change Management for Post-Quantum Cryptography. 9.9 Conclusion. Chapter 10 - Define Success Metrics and Risk Tolerance. 10.1 Defining What Success Looks Like. 10.2 Track Progress with Metrics and KPIs. 10.3 Incorporating Key Risk Indicators (KRIs). 10.4 Establishing Risk Tolerance for PQC. 10.5 Metric Evolution. 10.6 Conclusion. SECTION IV Phase 3: Implementation. Chapter 11 - Replacing Vulnerable Algorithms. 11.1 From Classical to Quantum-Safe: What Needs Replacing. 11.2 Transport Protocol Security. 11.3 Hybrid Certificates and Dual Stacks. 11.4 Code Signing and Software Integrity. 11.5 PQC in APIs and Applications. 11.6 PQC for Data Encryption. 11.7 Shared Responsibility Model. 11.8 Conclusion. Chapter 12 - Enhance Key Distribution and Generation. 12.1 From PRNG to QRNG: Building Keys with True Entropy. 12.2 ML-KEM and the Shift in Key Exchange. 12.3 Quantum Key Distribution (QKD): Physics Over Math. 12.4 Hardware Security Modules and Key Vaults for PQC. 12.5 Conclusion. Chapter 13: Integrate PQC into IoT & Embedded Systems. 13.1 Long-Lifecycle Hardware and ICS Challenges. 13.2 Lightweight Cryptography for Constrained Devices. 13.3 PQC-Aware Firmware Updates. 13.4 Building PQC into Hardware and Software Products. 13.5 Managing Irreplaceable Legacy Systems. 13.6 Conclusion. SECTION V Phase 4 - Validation. Chapter 14: Test Deployed Solutions for Functionality. 14.1 Interoperability Testing. 14.2 Regression Testing. 14.3 Latency Testing. 14.4 Security Testing. 14.5 A Framework for Functional Testing. 14.6 Tools and Validation Suites. 14.7 Conclusion. Chapter 15: Monitor for New Threats & Issues. 15.1 Monitoring Post-Quantum Cryptography in Production. 15.2 SOC Integration and Monitoring Tools. 15.3 A Framework for PQC Monitoring. 15.4 The Evolving Role of Incident Response in a Post-Quantum World. 15.5 Conclusion. Chapter 16: Readiness Assessments and Compliance Audits. 16.1 Why Audits Matter in PQC Environments. 16.2 Aligning with NIST, CISA, and PCI DSS. 16.3 What Internal Auditors Should Review. 16.4 Preparing for the Auditor's Visit. 16.5 Conclusion. SECTION VI Phase 5: Maintenance. Chapter 17: Maintain Crypto-Agility. 17.1 What Maintenance Looks Like in a PQC Environment. 17.2 Preparing for Future Standard Changes. 17.3 Future-Proofing Beyond PQC. 17.4 Conclusion. Chapter 18: Monitor and Renew Certificates. 18.1 Why Certificate Monitoring and Renewal Matter. 18.2 The Lifecycle of a Certificate. 18.3 Managing Dual-Algorithm and Hybrid Certificates. 18.4 How Certificate Lifecycle Management and Key Management Fit Together. 18.5 Automating Certificate Lifecycle Management. 18.6 Ongoing Maintenance and Certificate Governance. 18.7 Conclusion. Chapter 19: Enhance Organizational Readiness. 19.1 Training for a Quantum-Aware Workforce. 19.2 Tabletop Exercises and Playbooks for PQC Incidents. 19.3 Appointing a Quantum Risk Owner. 19.4 Embedding PQC into Third-Party Risk Management. 19.5 Conclusion. Chapter 20 - The End Is Just the Beginning. 20.1 Looking Back on the Road We've Traveled. 20.2 Key Lessons to Carry Forward. 20.3 Preparing for What's Next. 20.4 Final Words of Guidance.
Forward. Acknowledgements. About the Author. AI Usage. Preface. P.1 A Brief Primer on Cryptography and Its Building Blocks. P.2 Let's Begin. Introduction: Executive Summary and Overview. I.1 Why This Matters to Executives. I.2 Understanding the Risk in Business Terms. I.3 Why Now?. I.4 What Needs to Be Done. I.5 Executive Communication Toolkit. I.6 Final Thought for the Boardroom. SECTION I - INTRO TO QUANTUM READINESS. Chapter 1 - Why Quantum Threats Can't Be Ignored. 1.1 What This Book Will and Won't Cover. 1.2 A New Kind of Computing. 1.3 What Is Q-Day?. 1.4 Harvest Now, Decrypt Later. 1.5 Reframing the Risk: It's Not Just Data, It's Trust. 1.6 Conclusion. Chapter 2: How Quantum Breaks Encryption. 2.1 Classical vs. Quantum: The Basics. 2.2 Understanding Symmetric and Asymmetric Encryption. 2.2 Shor's Algorithm: Breaking RSA and ECC. 2.3 Grover's Algorithm: Weakening Symmetric Encryption. 2.4 Real Experiments: Demonstrating the Trajectory Toward Q-Day. 2.5 Conclusion. Chapter 3 - The Mosca Model and Why Time Is Not on Your Side. 3.1 Understanding the Model. 3.2 Applying the Model in Practice. 3.3 Are You Already Vulnerable?. 3.4 Conclusion. Chapter 4 - Overview of the Q-Ready Framework and How to Use This Book. 4.1 Why a Framework Is Needed Now. 4.2 Introducing the Q-Ready Framework. 4.3 Alignment with National Standards and Best Practices. 4.4 How to Use This Book. 4.5 What to Expect Next. SECTION II Phase 1: Discovery. Chapter 5 - Inventory Your Cryptographic Assets. 5.1 The First Step: Know What You Have. 5.2 What to Look For. 5.3 Beyond the Inventory. 5.4 Conclusion. Chapter 6 - Assess Quantum Vulnerabilities. 6.1 Evaluating Algorithm Risk. 6.2 Mapping Crypto to Data and Exposure. 6.3 Understand the System Landscape. 6.4 Threat Patterns to Watch For. 6.5 Step-by-Step: How to Perform a Vulnerability Assessment. 6.6 Building a Risk Profile. 6.7 Conclusion. Chapter 7 - Prioritize Critical Systems. 7.1 What Matters Most. 7.2 Risk, Sensitivity, and Exposure. 7.3 Building a Prioritization Model. 7.4 Assigning Resources and Timelines. 7.5 Step-by-Step: How to Prioritize Quantum Cryptographic Asset Vulnerabilities & Remediations. 7.6 Conclusion. SECTION III Phase 2: Planning. Chapter 8 - Develop a Migration and Testing Plan. 8.1 Creating a Post-Quantum Cryptography Policy. 8.2 Build a Migration Plan. 8.3 Define Crypto-Agility. 8.4 Key Components of a Migration Strategy. 8.5 Quantum Readiness Maturity Model. 8.6 Using Technical Readiness Levels (TRLs) to Prioritize Migration. 8.7 Develop a Testing Plan. 8.8 Conclusion. Chapter 9 - Engage Stakeholders and Secure Buy-In. 9.1 Start with Alignment, Not Awareness. 9.2 Business and Financial Planning for PQC. 9.3 Create a Post-Quantum Steering Committee. 9.4 Stand Up a Crypto Center of Excellence. 9.5 Designate a Champion: The PQC Czar. 9.6 Facilitate Cross-Functional Task Forces. 9.7 Make Quantum Readiness Part of the Culture. 9.8 Organizational Change Management for Post-Quantum Cryptography. 9.9 Conclusion. Chapter 10 - Define Success Metrics and Risk Tolerance. 10.1 Defining What Success Looks Like. 10.2 Track Progress with Metrics and KPIs. 10.3 Incorporating Key Risk Indicators (KRIs). 10.4 Establishing Risk Tolerance for PQC. 10.5 Metric Evolution. 10.6 Conclusion. SECTION IV Phase 3: Implementation. Chapter 11 - Replacing Vulnerable Algorithms. 11.1 From Classical to Quantum-Safe: What Needs Replacing. 11.2 Transport Protocol Security. 11.3 Hybrid Certificates and Dual Stacks. 11.4 Code Signing and Software Integrity. 11.5 PQC in APIs and Applications. 11.6 PQC for Data Encryption. 11.7 Shared Responsibility Model. 11.8 Conclusion. Chapter 12 - Enhance Key Distribution and Generation. 12.1 From PRNG to QRNG: Building Keys with True Entropy. 12.2 ML-KEM and the Shift in Key Exchange. 12.3 Quantum Key Distribution (QKD): Physics Over Math. 12.4 Hardware Security Modules and Key Vaults for PQC. 12.5 Conclusion. Chapter 13: Integrate PQC into IoT & Embedded Systems. 13.1 Long-Lifecycle Hardware and ICS Challenges. 13.2 Lightweight Cryptography for Constrained Devices. 13.3 PQC-Aware Firmware Updates. 13.4 Building PQC into Hardware and Software Products. 13.5 Managing Irreplaceable Legacy Systems. 13.6 Conclusion. SECTION V Phase 4 - Validation. Chapter 14: Test Deployed Solutions for Functionality. 14.1 Interoperability Testing. 14.2 Regression Testing. 14.3 Latency Testing. 14.4 Security Testing. 14.5 A Framework for Functional Testing. 14.6 Tools and Validation Suites. 14.7 Conclusion. Chapter 15: Monitor for New Threats & Issues. 15.1 Monitoring Post-Quantum Cryptography in Production. 15.2 SOC Integration and Monitoring Tools. 15.3 A Framework for PQC Monitoring. 15.4 The Evolving Role of Incident Response in a Post-Quantum World. 15.5 Conclusion. Chapter 16: Readiness Assessments and Compliance Audits. 16.1 Why Audits Matter in PQC Environments. 16.2 Aligning with NIST, CISA, and PCI DSS. 16.3 What Internal Auditors Should Review. 16.4 Preparing for the Auditor's Visit. 16.5 Conclusion. SECTION VI Phase 5: Maintenance. Chapter 17: Maintain Crypto-Agility. 17.1 What Maintenance Looks Like in a PQC Environment. 17.2 Preparing for Future Standard Changes. 17.3 Future-Proofing Beyond PQC. 17.4 Conclusion. Chapter 18: Monitor and Renew Certificates. 18.1 Why Certificate Monitoring and Renewal Matter. 18.2 The Lifecycle of a Certificate. 18.3 Managing Dual-Algorithm and Hybrid Certificates. 18.4 How Certificate Lifecycle Management and Key Management Fit Together. 18.5 Automating Certificate Lifecycle Management. 18.6 Ongoing Maintenance and Certificate Governance. 18.7 Conclusion. Chapter 19: Enhance Organizational Readiness. 19.1 Training for a Quantum-Aware Workforce. 19.2 Tabletop Exercises and Playbooks for PQC Incidents. 19.3 Appointing a Quantum Risk Owner. 19.4 Embedding PQC into Third-Party Risk Management. 19.5 Conclusion. Chapter 20 - The End Is Just the Beginning. 20.1 Looking Back on the Road We've Traveled. 20.2 Key Lessons to Carry Forward. 20.3 Preparing for What's Next. 20.4 Final Words of Guidance.
Es gelten unsere Allgemeinen Geschäftsbedingungen: www.buecher.de/agb
Impressum
www.buecher.de ist ein Internetauftritt der buecher.de internetstores GmbH
Geschäftsführung: Monica Sawhney | Roland Kölbl | Günter Hilger
Sitz der Gesellschaft: Batheyer Straße 115 - 117, 58099 Hagen
Postanschrift: Bürgermeister-Wegele-Str. 12, 86167 Augsburg
Amtsgericht Hagen HRB 13257
Steuernummer: 321/5800/1497
USt-IdNr: DE450055826
