ISB Report Flags Urgent Need for Quantum Resilience in India's Banking Sector

The ISB Institute of Data Science (IIDS) has released a report titled, "Quantum Resilient Banking: Strategies for a Secure Transition,” underscoring the critical need for India's Banking, Financial Services, and Insurance (BFSI) sector to prepare for the emerging threat of quantum computing.

Quantum computing is a revolutionary computing paradigm that harnesses the principles of quantum mechanics to solve problems beyond the reach of classical computers. Traditional computers process information using bits (0 or 1), which limits their ability to process complex information. Quantum computers, on the other hand, use the principles of quantum physics, like superposition, tunnelling, entanglement, and interference. Despite these advancements, significant challenges persist, including managing error rates, addressing scalability to millions of qubits, isolating systems from environmental noise, and ensuring consistent fabrication. Quantum systems face significant challenges from error rates and noise, which stem from their inherent fragility and sensitivity to environmental factors.

“Quantum Resilient Banking: Strategies for a Secure Transition” is a first-of-its-kind research in India that investigates significant vulnerabilities and a concerning lack of readiness for Post-Quantum Cryptography (PQC) implementation among surveyed BFSI CISOs/CTOs.

Key Findings

The study found a moderate understanding of quantum computing among BFSI CISOs/CTOs, with an average PQC readiness score of just 2.4 out of 5, highlighting a lack of preparedness. While common security measures like firewalls and endpoint protection are widely implemented, advanced techniques such as intrusion detection systems and vulnerability management tools remain underutilised.

The report also reveals that 57.5% of respondents believe quantum computing will pose a significant threat within three years. Phishing attacks emerged as the most frequent threat (65%), followed by DDoS attacks (47.5%) and social engineering (40%).

The report highlights that advancements in technology and telecommunications have significantly altered the cybersecurity threat landscape. While quantum computing brings opportunities, it significantly threatens current Public Key Cryptography (PKC) algorithms. The study also proposes a framework for PQC migration in the BFSI sector, considering data shelf life across the ecosystem. This framework ensures minimal disruption to existing infrastructure, Straightforward deployment across environments, and a future-proof architecture to address evolving quantum threats.

To address the emerging challenges, the report recommends accelerating PQC adoption, prioritising clear guidelines and standards by the government, funding research in quantum-resistant technologies, fostering stakeholder collaboration, and enhancing cybersecurity awareness and education. It also emphasises the need for a government-defined migration timeline and guidance on algorithm selection to ensure a smooth transition.

About The ISB Institute of Data Science (IIDS)

IIDS at the Indian School of Business is a research centre and educational hub focused on applying data science to solve real-world business problems. IIDS partners with industry and academia, driving innovation through cutting-edge research and fostering a data-driven culture. The Centre’s work spans various sectors, including cybersecurity, retail, digital media, and healthcare. Research projects tackle pressing issues like fraud detection, supply chain optimisation, and combating misinformation. IIDS aims to translate data-driven insights into tangible results, empowering organisations and individuals with the tools and knowledge to thrive in the data-centric world.