Post-Quantum Preparedness Framework
This paper debunks myths around post-quantum preparedness and explains why organisations need to start preparing today for a future where existing encryption methods fail against quantum computing, threatening data confidentiality and identity verification. For most, there is no need to panic, but complacency is not an option.
Post-quantum preparedness, as per my framework, also provides immediate benefits against these attacks and top-of-mind threats such as ransomware and AI-enabled attacks. This paper is aimed at all levels and fields of practitioners and leaders and requires only a basic understanding of encryption. To deepen understanding, additional references are listed at the end.
This framework is designed to make the transition manageable and remove analysis paralysis. Emergency procurement or massive dedicated project spend is not required at this point.
To be very clear, whilst many debate the exact timing of the arrival of quantum computing, attackers are harvesting sensitive data now and post-quantum security transformation takes a long time. In short, it is time to stop debating and start doing. This framework shows you how.
Practical Post-Quantum Transition Framework
Ripple Effects: Anticipating Consequences; Multiplying Impact
This is my article written for the National Preparedness Commission. It explores complex or wicked cascading problems like technology outages or climate change, and inadequacies of traditional approaches to preparedness, where yesterday’s assumptions might become tomorrow’s vulnerabilities.
TIBER and CBEST – Beyond the Implementation Guide (June, 2024)
At FS-ISAC’s EMEA Summit, I moderated a fireside chat with industry powerhouses Lindsey Bateman (M&G) and Paul Collins (U.S. Bank) on a topic causing anxiety and noise in financial services: TIBER, CBEST, and the looming DORA requirements for threat-led penetration testing. This article lists key decisions to make and pitfalls to avoid.
With mandatory TLPT coming down the pipeline, this session cut through the confusion to provide practical guidance on what organisations can do now, before the regulations are even finalised.
We covered the regulatory landscape, common challenges, and why this is not just about compliance checkboxes. Read the full article for actionable recommendations from practitioners who have been in the trenches.
UK Finance Article: Financial Sector Preparations For Malicious AI Use (2024)
Article written for UK Finance.
https://www.ukfinance.org.uk/news-and-insight/blog/financial-sector-preparations-malicious-ai-use
UK Finance Article: Ransomware 2020: A Diversified Business Model (2020)
Article written for UK Finance.
https://www.ukfinance.org.uk/news-and-insight/blogs/ransomware-2020-diversified-business-model