惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

TaoSecurity Blog
TaoSecurity Blog
T
Troy Hunt's Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Vercel News
Vercel News
T
Threatpost
G
Google Developers Blog
T
Threat Research - Cisco Blogs
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
The Exploit Database - CXSecurity.com
H
Heimdal Security Blog
Google DeepMind News
Google DeepMind News
Cyberwarzone
Cyberwarzone
T
The Blog of Author Tim Ferriss
Know Your Adversary
Know Your Adversary
Hacker News: Ask HN
Hacker News: Ask HN
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Schneier on Security
B
Blog
V2EX - 技术
V2EX - 技术
NISL@THU
NISL@THU
C
CERT Recently Published Vulnerability Notes
W
WeLiveSecurity
C
Cybersecurity and Infrastructure Security Agency CISA
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Y
Y Combinator Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Spread Privacy
Spread Privacy
The Last Watchdog
The Last Watchdog
V
Vulnerabilities – Threatpost
N
Netflix TechBlog - Medium
Schneier on Security
Schneier on Security
F
Fortinet All Blogs
N
News | PayPal Newsroom
Attack and Defense Labs
Attack and Defense Labs
Blog — PlanetScale
Blog — PlanetScale
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Microsoft Security Blog
Microsoft Security Blog
S
Security @ Cisco Blogs
人人都是产品经理
人人都是产品经理
爱范儿
爱范儿
P
Privacy & Cybersecurity Law Blog
P
Proofpoint News Feed
Project Zero
Project Zero
I
Intezer
罗磊的独立博客
H
Hackread – Cybersecurity News, Data Breaches, AI and More
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - Franky
SecWiki News
SecWiki News
Martin Fowler
Martin Fowler

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
Why Post-Quantum Compliance For Banks Starts In Containers
Mehran Farim · 2026-05-21 · via Forbes - Innovation

Mehran Farimani is CEO of RapidFort, one of the fastest-growing cybersecurity companies securing the global software supply chain.

getty

Financial institutions are under increasing pressure to prepare for post-quantum cryptography as global bodies like the G7 and Europol urge organizations to plan now for a complex, multiyear transition beginning toward the end of the decade.

This urgency follows the standardization of new quantum-resistant encryption algorithms by the National Institute of Standards and Technology (NIST), which provide a clear path forward but will take years to implement across modern stacks.

Considering the value and sensitivity of the data financial institutions hold and transmit, and the fact that attacks to steal information for future decryption are already underway via harvest now, decrypt later (HNDL) threats, the need to transition to post-quantum cryptography (PQC) standards is urgent.

However, too many institutions are working in the dark because most environments aren’t cryptographically visible. The challenge isn’t just adopting post-quantum algorithms; it's identifying where legacy cryptography lives across container images, third-party libraries and bloated software stacks.

You cannot migrate what you cannot see, and by the time you achieve that visibility and reduce your attack surface, the window to prepare will be much shorter than expected.

The quantum threat is on the doorstep.

While organizations begin migration, adversaries aren’t waiting for Q-Day, which is when quantum computers will be able to break current public-key encryption. Bad actors are preparing now with HNDL attacks, which involve stealing encrypted information with the aim of cracking it once quantum capabilities arrive.

Financial data is particularly vulnerable to this tactic, which has become widespread among malicious actors.

The SEC has cited projections that Q-Day could arrive as early as 2028. Forrester has called a practical quantum computer “plausible” by 2030. Whether the timeline is two years or seven, the data being exfiltrated right now will still be sensitive when it arrives.

Start where the risk is already visible: containers.

Containers are known to contain a range of vulnerabilities, making them a common entry point for adversaries when attempting to move laterally.

If containers are so often the first target for malicious actors, it stands to reason that they should be in the first line of defense. For security and DevSecOps leaders, they are also where cryptographic sprawl is most present and easiest to deal with.

Container images are built in layers, and each layer brings its own cryptographic dependencies and risks. A base image pulled 18 months ago might carry an OpenSSL version with known cipher vulnerabilities, and a third-party package added during a crunch might ship with its own dependencies, some of which implement legacy encryption standards.

During updates and continuous development, updated or added components can reintroduce deprecated components across dozens of services before it is noticed.

Without clear, continuous visibility into these hidden dependencies and unnecessary packages, organizations end up inheriting cryptographic issues they don’t realize are there.​

Visibility is a prerequisite.

The most important factor in the transition is visibility into and security of the software environment. A software bill of materials (SBOM) is easy to produce and provides the first step via a machine-readable list of software components that make up your software stack.

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and 19 international cybersecurity organizations are already promoting SBOMs as essential to securing the digital supply chain.

But for PQC readiness, the value of an SBOM is not the inventory; it is using that inventory to eliminate what is unused during runtime. An SBOM is only as useful as the reduction in scope it enables: The fewer components requiring migration, the smaller your attack surface becomes.

Unnecessary packages and redundant components don’t just expand the attack surface; they clutter your view. Before you can begin migration, you need to know that what remains is necessary for the system or platform to properly run. That means reducing software sprawl first: identifying and removing unnecessary components and ensuring the inventory reflects the real production environment.

Organizations that skip this step may end up implementing cryptography across unnecessary software, increasing operational complexity and expanding exposure.

Visibility efforts also need to extend beyond the container. Dependencies don’t stop at the container, but they extend into other components in the software supply chain, including third-party integrations, SaaS dependencies, shadow IT and the upstream registries containers ultimately rely on.

If a dependency your container pulls from upstream has a vulnerability, that exposure will be carried throughout your environment. PQC migration requires tracing those dependencies and updating the cryptographic libraries and protocols they rely on, not just the components where encryption is most visible.

The time to start is yesterday.

Post-quantum migration is a multiphase effort and won't happen quickly. There are other steps involved in becoming quantum-ready, such as developing a clear implementation plan and testing PQC algorithms in a sandbox environment.

Organizations also need to ensure they can transition seamlessly from one set of algorithms (i.e., there are several NIST PQC algorithms and vendors) to another.

But it starts with visibility into your entire environment, including those components at the furthest reaches of the enterprise, such as containers. Transitioning to PQC standards requires that organizations establish a strong foundation. The key steps include:

Gain SBOM-level visibility. Build a complete inventory of software components and dependencies across your environment.

Remove unused software. Shrink the attack surface and reduce migration scope by identifying and eliminating unnecessary runtime components.

Eliminate known security vulnerabilities. Introduce hardened and curated images that eliminate the common vulnerabilities and exposures (CVEs) in the stacks.

Apply this process to development. Extend this process continuously to any new software introduced into the product, system or platform. ​

Finding the locations of every component that needs PQC algorithms is no easy task, but it can be done. Financial institutions that haven’t made progress on their own transitions should start now if they intend to meet the transition timelines already taking shape across the industry.​


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?