Many companies face being uncovered to critical cyber threats as a result of quantum computing is ready to reach much more rapidly than anticipated.

The risk quantum computer systems pose to uneven encryption has been recognized about since 1994 when Peter Shor developed Shor’s algorithm.

However given the immense compute energy required, it’s lengthy been seen as a problem for one more day.

Quick ahead thirty years, and the age of quantum computing is approaching quick.

With first-movers already actively experimenting, PwC estimates it might be as little as 5 years earlier than adoption begins to ramp up extra broadly.^[1]

Nevertheless, with quantum processing energy doubtlessly quadrupling yearly, the timeline for quantum rollout might shrink additional.^[2]

Anton Tkachov, Managing Director and Cybersecurity Transformation Lead at PwC UK, states: “We as soon as believed the post-quantum period was a technology away. At the moment, it’s 5 years off; it could be even nearer subsequent 12 months.”

The quantum encryption risk

As quantum computing advances, at present’s uneven encryption will in time grow to be out of date and can’t be protected by simply persevering with to extend the important thing size.

Since cryptography underpins a lot of at present’s digital infrastructure, this shift poses a critical risk.

“Cryptography underpins each – safety of knowledge at relaxation and authentication,” says Tkachov. “Within the post-quantum period, each might be susceptible.”

It’s not simply future breaches that organisations want to fret about.

“Encrypted information stolen at present remains to be secure—for now,” warns Tkachov. “However as soon as quantum machines arrive, attackers will have the ability to crack that encryption, exposing delicate info, mental property, and eroding buyer belief.”

Knowledge, comparable to mortgage approvals and medical information nonetheless maintain enormous worth to dangerous actors, even years after it was first collected.

Realizing this, risk actors can stockpile stolen information and plan to unlock it the second quantum expertise catches up.

Boundaries to modernising cryptography

Within the face of this risk, organisations should begin remodeling their strategy to cryptography.

“We all know cryptography modernisation takes time,” explains Clinton Firth, Companion, Cybersecurity, PwC Center East. “When the Knowledge Encryption Customary (DES) was damaged in 1997, it took many companies practically a decade to totally transition to the Superior Encryption Customary (AES). This time, they don’t have such time to spare.”

Organisations face a number of crucial challenges in getting ready for the post-quantum period.

For instance, recruiting expertise is troublesome because of the skillset required whereas implementing quantum-safe applied sciences. Having to depend on a number of distributors for quantum-ready applied sciences is one other complicating issue.

Constructing quantum resilience

Based on PwC, elevating consciousness of the quantum risk is step one in direction of remediation.

“CISOs must recognise that it is a actual and quick danger—not an issue for tomorrow. This must be clearly understood, elevated to the danger administration perform, and positioned on the board’s radar and the organisation’s danger register,” says Firth.

From there, PwC recommends that organisations take the next actions:

• Appoint a quantum resilience officer to guide the post-quantum transformation. This function ought to drive functionality improvement, have interaction with regulators, and champion the organisation’s encryption technique.
• Revamp procurement processes to obviously outline encryption necessities for all third-party distributors and companions.
• Develop a cryptographic stock to map out the kinds, volumes, and places of cryptographic algorithms in use. This baseline is important for assessing danger and constructing a strategic transition roadmap.
• Analyse historic information loss to judge the potential future danger posed by compromised datasets in a post-quantum world.

These quick priorities will assist organisations construct a basis for the post-quantum world, with agility at its core.  

Tkachov explains: “Within the age of quantum computing, enterprises have to be prepared for a panorama the place cryptographic algorithms could also be damaged repeatedly. The objective must be crypto agility—the power to rapidly adapt and transition to new encryption strategies as threats evolve and requirements emerge.”

To study extra about how organisations can put together for the post-quantum world, register for PwC’s new webinar right here.

To seek out out extra about Clinton Firth, click on right here.

To seek out out extra about Anton Tkachov, click on right here.

To study extra go to us right here

That is for common info functions solely.

2025 PwC. All rights reserved

^[1] PwC, “Quantum computing: is our information nonetheless secure?” January 2025 https://www.pwc.nl/en/matters/blogs/quantum-computing-is-our-data-still-safe.html

^[2] Neven’s Legislation means that quantum computer systems are bettering at a “doubly exponential” fee relative to classical computer systems. See: “A New Legislation to Describe Quantum Computing’s Rise?”