WEEK 3 · INVENTORY

Create a CBOM (Cryptographic Bill of Materials)

Know your public endpoints, TLS version and cipher suites before Friday

Every day we hear news about how artificial intelligence is accelerating research and development in life sciences, pharmaceuticals, and robotics, but the same is true for mathematics and physics.

As a cybersecurity professional, your instincts should be at a near-constant tingle with the threats and opportunities that this acceleration poses, specifically in the realm of quantum computing and what it means for RSA encryption. Estimates suggest that once QC becomes commercially viable, Shor’s algorithm will be able to crack RSA in approximately 9 minutes.

NIST has called for phasing out RSA by 2030, but I argue that AI acceleration + data retention requirements (depending on your industry) + HNDL (harvest now, decrypt later) means you need to act now. That starts with knowing where you are vulnerable so you can make a plan.

## So, here is the MondayMove

Without any fancy tools or budget, open a text file and document these answers.

What:

- Are your public endpoints?
- Version of TLS is in use? (You will need to migrate to TLS 1.3.)
- Cipher suites does your application support? (You will need to support ML-KEM.)
- Is the aging policy on these certs? (You will want to get to 47 days, per upcoming browser requirements, which likely means investing in automation.)
- Version of your application introduces support for TLS 1.3 + ML-KEM? (This one will take some research.)
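One way to fill in the TLS version, cipher suite and certificate lifetime columns of that text file, as an added example that is not part of the original post. The function names and the sample host `app.example.com` are assumptions; the TLS 1.3 and 47-day targets are the ones named above.

```python
import socket
import ssl
import sys

MAX_CERT_DAYS = 47      # certificate lifetime target named in the article
TARGET_TLS = "TLSv1.3"  # string format returned by ssl.SSLSocket.version()

def assess(host, tls_version, cipher, not_before, not_after):
    """Build one CBOM row from collected facts and list the gaps against the targets."""
    seconds = ssl.cert_time_to_seconds(not_after) - ssl.cert_time_to_seconds(not_before)
    lifetime_days = int(seconds // 86400)
    gaps = []
    if tls_version != TARGET_TLS:
        gaps.append(f"negotiated {tls_version}, target is {TARGET_TLS}")
    if lifetime_days > MAX_CERT_DAYS:
        gaps.append(f"cert lifetime {lifetime_days}d exceeds {MAX_CERT_DAYS}d")
    return {"endpoint": host, "tls": tls_version, "cipher": cipher,
            "cert_lifetime_days": lifetime_days, "gaps": gaps}

def probe(host, port=443, timeout=5):
    """Connect once and record what this client and the server negotiate.

    This is the best version/suite both sides agree on, not the full list the
    server accepts. The key-exchange group (where ML-KEM would appear) is not
    collected here; record it by hand.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            return assess(f"{host}:{port}", tls.version(), tls.cipher()[0],
                          cert["notBefore"], cert["notAfter"])

def to_line(row):
    """Render a row as one tab-separated line for the CBOM text file."""
    status = "; ".join(row["gaps"]) or "ok"
    return (f'{row["endpoint"]}\t{row["tls"]}\t{row["cipher"]}\t'
            f'{row["cert_lifetime_days"]}d\t{status}')

# Constructed sample (not a real scan): a TLS 1.2 endpoint with a one-year certificate.
SAMPLE = assess("app.example.com:443", "TLSv1.2", "ECDHE-RSA-AES128-GCM-SHA256",
                "Jan  1 00:00:00 2025 GMT", "Jan  1 00:00:00 2026 GMT")

if __name__ == "__main__":
    # Usage: python cbom.py host1 host2 > cbom.txt   (your own public endpoints)
    for h in sys.argv[1:]:
        print(to_line(probe(h)))
```
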

Start this today. Surface it with your organization. The work needs to begin now, and the first step is understanding the full breadth of what you’ll need to do.
