Only 6% of SSH servers ready for post-quantum encryption
The findings highlight concerns for the long-term confidentiality of communications across public networks, Secure Access Service Edge tools, and critical data handled in sectors such as military, diplomatic, and proprietary corporate environments. Forescout has developed a patented technology that detects non-quantum-safe encryption across information technology (IT), operational technology (OT), and internet of things (IoT) systems, in an effort to support organisations confronting the quantum threat.
Quantum computing threat
Forescout's technology utilises continuous analysis of device encryption to identify vulnerabilities to quantum attacks. Developed in 2023 and patented in 2024, this approach forms the basis of Forescout's "Quantum-Safe Security Assurance" strategy. The strategy is designed to help organisations identify, assess, and close security gaps associated with post-quantum cryptography (PQC) across IT, OT, and IoT environments.
The urgency around quantum security readiness is highlighted by a recent study from Omnia, which found that 40% of manufacturers expect to see customer use of quantum technologies by 2026. This timeline increases the risks posed by "harvest now, decrypt later" attacks, where adversaries store encrypted data today with the intention of decrypting it in future using quantum technology. "Quantum computing is no longer a far-off concept. It's a fast-approaching reality that will challenge the foundations of digital trust. Every organisation, public or private, needs to start thinking about post-quantum resilience across IT, OT, and IoT environments today. This is a rare opportunity to get ahead of a generational shift in cybersecurity before urgency overtakes strategy," said Barry Mainz, CEO of Forescout.
Platform strategy
Forescout's approach is anchored by its 4D Platform, which applies a four-part methodology: detection, enforcement, mitigation, and control. The technology evaluates the cryptographic ciphers supported by devices, assesses their compliance with post-quantum standards, and identifies encryption risks. Because it operates at the network layer, the solution is capable of uncovering risky encryption use, even where devices attempt to obscure their security posture.
The four-pronged strategy delivered through the Forescout 4D Platform includes: detection of PQC-safe assets in real time for a full view over cryptographic postures; enforcement of segmentation to protect critical systems; mitigation through threat intelligence to match policy enforcement with real assets or misconfigurations; and control, which limits traffic from high-risk devices. "As organisations prepare for a post-quantum future, detecting systems using outdated encryption is critical. Forescout is already delivering on this with our patented technology - the only solution that identifies non-quantum-safe ciphers in real time. Whether it's PHI from medical devices or financial data crossing the web, this level of visibility empowers our customers to assess risk accurately and prioritise remediation where it matters most," said Robert McNutt, Chief Strategy Officer at Forescout Technologies, Inc.
Slow adoption
The research also notes a slow migration towards PQC across global networks. Of 186 million SSH servers exposed to the internet, just 6% support quantum-safe encryption methods. Fewer than 20% of global communications employ Transport Layer Security (TLS) version 1.3, presently the sole version offering support for post-quantum cryptography. Although use of NIST-standardised algorithms such as ML-KEM has increased more than fivefold over six months, it still accounts for under 0.1% of servers worldwide.
Particularly in OT, IoT, and Internet of Medical Things (IoMT) environments, adoption of post-quantum encryption poses additional challenges, often necessitating upgrade or replacement of firmware or hardware. "We're seeing a clear drop-off in PQC migration once the early adopters are accounted for. The data shows that most systems aren't upgrading fast enough to keep pace with the advancing threat model," said Daniel dos Santos, Head of Research at Vedere Labs.
Mitigation steps
To address these threats, Forescout's research recommends several immediate measures for organisations. These include adopting PQC for devices reliant on third-party infrastructure, securing trusted network infrastructure from attackers, employing network tools capable of accessing SPAN ports, and avoiding use of ISPs and SASE tools for critical or highly protected systems.
The report emphasises that preparing for quantum threats is increasingly necessary, rather than a speculative exercise, as standards and attacker capabilities advance. Forescout positions its technology and platform to help organisations maintain oversight and control of encryption risks and remediate them before quantum technology is widely available to adversaries.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
2 days ago
- Techday NZ
Cello appoints Jon Waite to drive network transformation focus
Cello has appointed Jon Waite as National Solutions Architect, expanding its technical leadership team and delivery capacity to address the growing demand for robust connectivity solutions in New Zealand. This newly established position is part of Cello's ongoing strategy to broaden its technical capabilities and maintain high standards of service for organisational clients requiring secure, resilient, and adaptable network infrastructures. The company aims to address the increasing complexity of IT requirements as many businesses transition to cloud-based and hybrid work models. Cello's appointment of Waite is driven by the recognition that digital transformation remains a top priority for organisations across the country, which depend on reliable networks to ensure continuity of operations and to safeguard data. According to industry research cited by the company, close to 75 percent of enterprises have faced major IT disruptions within the past year, underscoring the need for proactive network architecture and comprehensive support mechanisms. Waite joins Cello with more than 20 years of experience in enterprise IT, including senior roles across cloud, virtualisation, and managed services. He was most recently General Manager Cloud at Datacom, overseeing solution design and delivery for a broad customer base. Prior to that, Waite spent more than 14 years as Chief Technology Officer at Computer Concepts Limited (CCL), contributing to managed services development and delivery capability. Andrew Allan, Managing Director of Cello, highlighted that the new role does not represent a shift in strategic direction, but rather strengthens existing efforts. Allan said: "This is about continuing to invest in our people and in our delivery capability. Jon brings valuable insight and experience that will help us continue to scale while staying true to our focus on service quality and customer outcomes." In his capacity as National Solutions Architect, Waite will collaborate with Cello's sales, engineering, and delivery teams. He will provide architectural guidance in areas including cloud networking, Secure Access Service Edge (SASE), and Software-Defined Wide Area Networking (SD-WAN), as well as support internal development efforts through mentoring and knowledge sharing initiatives. Waite commented on the evolving challenges faced by customers, stating: "As customers adapt to changing ways of working, and as technology environments become more distributed and security-focused, the network is playing a more critical role than ever. I'm looking forward to supporting Cello's customers as they navigate these shifts and continuing to build on the company's strong track record of delivering trusted, dependable enterprise network solutions." The appointment comes at a period of continued business growth for Cello, which reports increased customer demand for network modernisation and performance optimisation across a range of sectors. Recent organisational changes include the creation of a dedicated Procurement Division, led by industry veteran Francis File, combining sourcing expertise with enhanced vendor support. Allan provided further context around market demands and Cello's strategic direction: "We're seeing growing demand for network solutions that not only perform well, but are secure, future-ready, and designed to support increasingly hybrid and cloud-centric environments. Jon's experience will help us continue to respond to that demand in a way that aligns with our values and the needs of our customers." Cello's operational backbone is its nationwide Network Operations Centre (NOC), which is staffed by certified engineers who oversee network performance around the clock. Through this facility, the company undertakes preventive maintenance, incident resolution, and ongoing improvement initiatives to help clients lower risk exposure, meet stringent security requirements, and realise enhancements in network availability and overall performance. Follow us on: Share on:
Techday NZ
7 days ago
- Techday NZ
Only 6% of SSH servers ready for post-quantum encryption
Forescout has released new research indicating that just 6% of SSH servers currently support post-quantum encryption, exposing a significant proportion of vital data to the risk of being harvested now and decrypted once quantum computers become a practical threat. The findings highlight concerns for the long-term confidentiality of communications across public networks, Secure Access Service Edge tools, and critical data handled in sectors such as military, diplomatic, and proprietary corporate environments. Forescout has developed a patented technology that detects non-quantum-safe encryption across information technology (IT), operational technology (OT), and internet of things (IoT) systems, in an effort to support organisations confronting the quantum threat. Quantum computing threat Forescout's technology utilises continuous analysis of device encryption to identify vulnerabilities to quantum attacks. Developed in 2023 and patented in 2024, this approach forms the basis of Forescout's "Quantum-Safe Security Assurance" strategy. The strategy is designed to help organisations identify, assess, and close security gaps associated with post-quantum cryptography (PQC) across IT, OT, and IoT environments. The urgency around quantum security readiness is highlighted by a recent study from Omnia, which found that 40% of manufacturers expect to see customer use of quantum technologies by 2026. This timeline increases the risks posed by "harvest now, decrypt later" attacks, where adversaries store encrypted data today with the intention of decrypting it in future using quantum technology. "Quantum computing is no longer a far-off concept. It's a fast-approaching reality that will challenge the foundations of digital trust. Every organisation, public or private, needs to start thinking about post-quantum resilience across IT, OT, and IoT environments today. This is a rare opportunity to get ahead of a generational shift in cybersecurity before urgency overtakes strategy," said Barry Mainz, CEO of Forescout. Platform strategy Forescout's approach is anchored by its 4D Platform, which applies a four-part methodology: detection, enforcement, mitigation, and control. The technology evaluates the cryptographic ciphers supported by devices, assesses their compliance with post-quantum standards, and identifies encryption risks. Because it operates at the network layer, the solution is capable of uncovering risky encryption use, even where devices attempt to obscure their security posture. The four-pronged strategy delivered through the Forescout 4D Platform includes: detection of PQC-safe assets in real time for a full view over cryptographic postures; enforcement of segmentation to protect critical systems; mitigation through threat intelligence to match policy enforcement with real assets or misconfigurations; and control, which limits traffic from high-risk devices. "As organisations prepare for a post-quantum future, detecting systems using outdated encryption is critical. Forescout is already delivering on this with our patented technology - the only solution that identifies non-quantum-safe ciphers in real time. Whether it's PHI from medical devices or financial data crossing the web, this level of visibility empowers our customers to assess risk accurately and prioritise remediation where it matters most," said Robert McNutt, Chief Strategy Officer at Forescout Technologies, Inc. Slow adoption The research also notes a slow migration towards PQC across global networks. Of 186 million SSH servers exposed to the internet, just 6% support quantum-safe encryption methods. Fewer than 20% of global communications employ Transport Layer Security (TLS) version 1.3, presently the sole version offering support for post-quantum cryptography. Although use of NIST-standardised algorithms such as ML-KEM has increased more than fivefold over six months, it still accounts for under 0.1% of servers worldwide. Particularly in OT, IoT, and Internet of Medical Things (IoMT) environments, adoption of post-quantum encryption poses additional challenges, often necessitating upgrade or replacement of firmware or hardware. "We're seeing a clear drop-off in PQC migration once the early adopters are accounted for. The data shows that most systems aren't upgrading fast enough to keep pace with the advancing threat model," said Daniel dos Santos, Head of Research at Vedere Labs. Mitigation steps To address these threats, Forescout's research recommends several immediate measures for organisations. These include adopting PQC for devices reliant on third-party infrastructure, securing trusted network infrastructure from attackers, employing network tools capable of accessing SPAN ports, and avoiding use of ISPs and SASE tools for critical or highly protected systems. The report emphasises that preparing for quantum threats is increasingly necessary, rather than a speculative exercise, as standards and attacker capabilities advance. Forescout positions its technology and platform to help organisations maintain oversight and control of encryption risks and remediate them before quantum technology is widely available to adversaries.
Scoop
17-07-2025
- Scoop
Bitdefender, Scale Computing Partner On Cyber Edge Computing
Press Release – Bitdefender The new joint solution combines the self-healing automation and virtualisation power of Scale Computing Hypercore (SC//Hypercore) with Bitdefender GravityZone, a leading endpoint protection platform, to offer multilayered security for workloads, virtual … SYDNEY – 17 July 2025 – Scale Computing, a market leader in edge computing, virtualisation, and hyperconverged infrastructure, today announced a strategic partnership with Bitdefender, a global cybersecurity leader, to deliver advanced, integrated threat protection for private cloud and edge environments. The new joint solution combines the self-healing automation and virtualisation power of Scale Computing Hypercore (SC//Hypercore) with Bitdefender GravityZone, a leading endpoint protection platform (EPP), to offer multilayered security for workloads, virtual desktops, and data – regardless of location. Together, the two companies provide a streamlined path to protect, simplify, and optimise modern IT environments without compromising performance. 'As IT environments become increasingly distributed and decentralised, customers need simple yet powerful ways to secure workloads across their entire infrastructure,' said Jeff Ready, CEO and co-founder, Scale Computing. 'Bitdefender shares our vision of reducing complexity while increasing security and resiliency. Together, we're delivering a joint solution that protects critical applications and data – without adding operational overhead.' Bitdefender GravityZone integrates directly with SC//Platform through a lightweight, high-performance agent or centralised scanning appliance, enabling unified threat prevention, detection, and response across hundreds of virtual machines and endpoints. The combined solution supports centralised management, streamlined deployment, and ransomware resilience, all while reducing operational burden on IT teams. 'The rise of hybrid and edge computing environments has created new security challenges – and organisations need scalable, high-performance solutions that don't get in the way of innovation,' said Dan Russell, senior director of channel for North America at Bitdefender Business Solutions Group. 'By partnering with Scale Computing, we're giving partners and customers a way to secure distributed infrastructure at the core and edge with enterprise-grade protection that's as seamless as it is powerful.' Key Benefits Include: Integrated protection for private cloud workloads, virtual desktops, and distributed applications Streamlined VDI security, threat detection, and real-time response Efficient deployment with minimal overhead using Bitdefender's centralised scanning options Resilience and uptime, with self-healing infrastructure from Scale Computing Reduced complexity and Total Cost of Ownership for IT and security operations This partnership provides a powerful solution for organisations operating across multiple sites, especially those without on-site IT staff, seeking unified infrastructure and cybersecurity protection in a single, scalable stack. To learn more about the joint solution, visit: or About Scale Computing Scale Computing is a leader in edge computing, virtualisation, and hyperconverged solutions. Using patented HyperCore™ technology, Scale Computing Platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime, even when local IT resources and staff are scarce. Edge Computing is the fastest-growing area of IT infrastructure, and industry analysts have named Scale Computing an outperformer and leader in the space, including being named the #1 edge computing vendor by CRN. Scale Computing's products are sold by thousands of value-added resellers, integrators, and service providers worldwide. When ease-of-use, high availability, and TCO matter, Scale Computing Platform is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights and G2. About Bitdefender Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumers, enterprises, and government environments, Bitdefender is one of the industry's most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioural analytics, and artificial intelligence and its technology is licensed by more than 180 of the world's most recognised technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world.
