Cryptographic assets are fundamental to data privacy, secure communications, and digital trust. However, misused, outdated, or improperly configured cryptography can expose private data, intellectual property, communications, services, authentication and access.
Advances in quantum computers are likely to make traditional cryptography mechanisms unsafe to use in the 2030s. This necessitates migration to more secure ways of protecting digital infrastructure and services, especially organizations in highly regulated sectors like finance, healthcare, government, and aerospace. CBOMs are valuable for migration planning, providing insight into systems, services, applications and software components that leverage cryptography.
CBOMs allow organizations to:
- Prepare for migration to quantum safe applications, services and systems
- Proactively identify which cryptographic assets may be deprecated and unsafe
- Support cryptographic agility (the ability of a system to readily change its cryptographic algorithms or mechanisms)
- Satisfy regulatory and customer requirements for strong encryption
- Prepare for cryptographic-related supply chain audits or compliance frameworks