Highlights
Claude responded: Quantum mechanics basics: qubits vs.
- Quantum mechanics basics: qubits vs. classical bits, and implications for cryptography
- Classical cryptography review and its vulnerabilities to quantum attacks
- PQC definition and the NIST standardization process
- Lattice-based cryptography (e.g., NTRU, Learning with Errors)
- Hash-based cryptography (e.g., XMSS)
- Code-based cryptography (e.g., McEliece)
- Best practices for integrating PQC into existing systems
- Evaluating PQC security and potential attack vectors
- Current research directions and transition planning
Course Details
Overview of Quantum Computing and Cryptography
- Basics of quantum mechanics
- Quantum bits (qubits) vs. classical bits
- Implications for current cryptographic systems
- Review of classical cryptography
- Vulnerabilities of existing standards
Introduction to Post-Quantum Cryptography
- Definition and significance
- Overview of the NIST PQC standardization process
Post-Quantum Algorithms
- Lattice-Based Cryptography
- Key concepts and applications
- Popular schemes (e.g., NTRU, Learning with Errors)
- Hash-Based Cryptography
- Understanding hash-based signatures
- Existing schemes (e.g., XMSS)
- Code-Based Cryptography
- Introduction to code-based systems (e.g., McEliece)
- Implementation challenges
Implementation and Security Analysis
- Best practices for integrating PQC
- Hands-on exercises and code examples
- Evaluating the security of PQC algorithms
- Understanding potential attack vectors
Cryptographic Discovery, Governance and Migration Planning
• Building a cryptographic inventory (CBOM) and why discovery, not algorithm choice, is the binding constraint
• Mosca's inequality as a planning tool, and harvest-now-decrypt-later as a board-level risk
• Comparing published lifecycle and roadmap models (NIST, NCSC, NIS Cooperation Group) and their differing governance assumptions
• Establishing accountability: crypto-agility ownership, sequencing dependencies and trust-anchor management
Economics, Budgeting and Financial Reporting for PQC
• Estimating migration cost across cryptographic classes rather than treating it as a single line item
• Security economics: misaligned incentives, externalities and why under-investment is rational without intervention (after Anderson, 2001)
• When quantum vulnerability becomes a financial reporting matter (impairment triggers, regulatory capital, asset useful-life assumptions)
• Making the business case to a CFO rather than a CISO
Regulatory Compliance and Supply-Chain Implementation
• Mapping obligations under DORA, EBA operational-risk expectations and sector regulators
• Third-party and supplier dependency risk, including concentrated providers and CDN/TLS termination paths the organisation does not directly control
• Evidencing migration progress for auditors, regulators and risk committees
• Translating a technical migration into operational-risk taxonomy and incident-classification language
Who should attend
Security professionals, cryptographers, software developers, IT managers, and anyone interested in post-quantum security.
Feedback
4.8 out of 5 average
"Our tailored course provided a well rounded introduction and also covered some intermediate level topics that we needed to know. Clive gave us some best practice ideas and tips to take away. Fast paced but the instructor never lost any of the delegates"
Brian Leek, Data Analyst, May 2022
“JBI did a great job of customizing their syllabus to suit our business needs and also bringing our team up to speed on the current best practices. Our teams varied widely in terms of experience and the Instructor handled this particularly well - very impressive”
Brian F, Team Lead, RBS, Data Analysis Course, 20 April 2022