Great mythbusting. The $100k+ cost per session key decryption really underscores why Q-Day framing is misleading. Most orgs are overreacting to asymmetric encryption threats while missing that their stored data usingsymmetric encryption is fine. The harvest now decrypt later threat model makes sense for nation state actors with long time horizons but doesn't justify mass panic for comercial entities. Prioritizing network transmission data over stored data is the key insight most miss.
Thanks! I’m trying to do what I can to get the messaging out. It doesn’t help when supposedly reputable sources tell organisations to review their sensitive data stores and how long they retain that data for!
Great mythbusting. The $100k+ cost per session key decryption really underscores why Q-Day framing is misleading. Most orgs are overreacting to asymmetric encryption threats while missing that their stored data usingsymmetric encryption is fine. The harvest now decrypt later threat model makes sense for nation state actors with long time horizons but doesn't justify mass panic for comercial entities. Prioritizing network transmission data over stored data is the key insight most miss.
Thanks! I’m trying to do what I can to get the messaging out. It doesn’t help when supposedly reputable sources tell organisations to review their sensitive data stores and how long they retain that data for!