Quantum-Safe Encryption: A Looming Imperative

The race to implement quantum-safe encryption is intensifying, driven by the looming threat of powerful quantum computers capable of shattering today’s standard cryptographic protocols. While widely available large-scale quantum computers are still a few years away—estimates range from seven to twenty years—the danger is already present through “harvest-now, decrypt-later” attacks. Adversaries can currently collect encrypted data, storing it in anticipation of a future when quantum decryption capabilities make it readable.

This immediate threat underscores the urgency for organizations to adopt robust post-quantum cryptography (PQC) solutions. Kevin Bocek, a senior vice president of innovation at CyberArk Software, highlighted this risk, particularly for databases using vulnerable asymmetric encryption. However, he noted that not all data requires immediate migration; short-lived access authentication tokens, for instance, are not at the same level of risk as long-term financial information, customer data, or trade secrets.

Organizations can assess their risk using Mosca’s Theorem, which calculates the security gap by summing the required data protection duration and the estimated encryption upgrade time, then comparing this to the projected arrival of quantum computers. If the combined protection and upgrade time exceeds the quantum computer’s arrival, a critical vulnerability exists. This means long-lived IoT devices, expected to operate for decades, require immediate PQC integration.

The Accelerating Quantum Threat and Regulatory Imperatives

The timeline for quantum computing advancements appears to be accelerating, intensifying the need for proactive cybersecurity measures. Leading quantum computing vendors have demonstrated quantum advantage, with IBM anticipating industry consensus on significant progress by 2026. Furthermore, IDC projects that by 2030, quantum-accelerated supercomputing will be leveraged by major governments, including the United States, the European Union, and China, to solve half of their complex defense and science-related problems, a scope that includes breaking current encryption schemes.

Blair Canavan, director of alliances for PKI and PQC at Thales, a multinational technology company, observes a widespread belief that a “cryptocalypse” is within five years. This growing consensus among industry experts highlights the critical and immediate nature of the quantum threat to digital security worldwide.

Fortunately, the development of quantum-safe encryption technology is also progressing rapidly. The National Institute of Standards and Technology (NIST) released its fifth quantum-safe encryption algorithm in early 2025, providing foundational tools for future-proofing digital defenses. The recommended strategy involves designing encryption systems with modularity, allowing for easy replacement of algorithms as they become obsolete or new, more secure algorithms emerge.

Regulatory bodies are also increasing pressure on organizations to transition to PQC. NIST published a draft white paper on PQC migration in September, aimed at helping organizations align their efforts with established cybersecurity risk management practices. Deadlines are rapidly approaching, with NIST stipulating that RSA, ECDSA, EdDSA, DH, and ECDH protocols will be deprecated by 2030 and fully disallowed by 2035. The European Union has set similar deadlines, urging member states to commence their PQC transition by the end of 2026.

In the United States, Congress is working on the bipartisan Quantum Encryption Readiness and Resilience Act, designed to encourage private sector PQC adoption. The Cybersecurity and Infrastructure Security Agency (CISA) is expected to release a PQC category list, establishing standards for data management, networking, and endpoint security. Additionally, a six-pillar cybersecurity strategy document from the current administration is anticipated to include post-quantum cryptography as a key component.

Despite these developments, the current state of PQC adoption is concerning. According to the Post Quantum Cryptography Coalition’s report, broad adoption of PQC is evident in only one area: hybrid encryption within TLS 1.3, not with pure pre or post-quantum encryption or signatures. The situation in the enterprise sector is even more dire, with a Trusted Computing Group survey of 1,500 industry professionals revealing that 91% lack a formal PQC roadmap. Furthermore, 80% reported their current crypto libraries and hardware security modules are unprepared for PQC integration, and only 39% have started compliance readiness assessments.

However, there is a silver lining: over half of respondents expect to implement at least one PQC algorithm by 2026, and 97% plan to invest 6% to 10% of their cybersecurity budgets in PQC over the next two years. The primary drivers for PQC adoption include contractual agreements with customers and partners, followed by industry consortium regulations, government mandates, publicized quantum security incidents, and vendor certification programs. An IBM survey of over 500 senior executives found global organizations to be at a “low level of quantum-safe readiness,” estimating it would take them 12 years to fully integrate quantum-safe standards. A major hurdle is that many companies are unaware of where encryption is deployed within their systems.

The Critical Need for Cryptographic Inventories

A fundamental first step in addressing the quantum encryption challenge is for organizations to conduct comprehensive cryptographic inventories. This involves meticulously identifying and cataloging all existing encryption mechanisms across their IT infrastructure. Without understanding the scope of current encryption use, developing an effective post-quantum migration strategy becomes virtually impossible.

According to an October survey by IBM and the Cloud Security Alliance, only 30% of organizations with annual revenues exceeding $250 million have completed a full cryptographic inventory of their applications, data, and services. Furthermore, only 24% are utilizing this information to guide their remediation efforts. This alarming statistic suggests that roughly three-quarters of companies are navigating the PQC transition blindly, lacking the foundational knowledge to secure their assets.

Biju Mathews, a partner at Mphasis, a digital transformation consultancy, points to a clear “visibility gap.” He explains that cryptography is often embedded within various components, including applications, infrastructure elements like load balancers and firewalls, and databases. To overcome this, Mathews recommends automated scanning tools designed to locate encryption mechanisms across systems. For third-party systems, vendors may provide documentation, but in its absence, a manual audit becomes necessary, albeit a challenging one.

Financial services companies are notably leading the charge in compiling these essential cryptographic inventories. Thales’ Canavan notes that every fintech client he works with has an active inventory effort underway, a significant shift from previous years when the urgency was less recognized. This proactive stance is critical, as the “event horizon” for quantum threats is rapidly approaching.

A report released in 2025 by HSBC, in collaboration with Thales and Infosec Global, aimed to assist CIOs, CTOs, and CISOs in inventorying their cryptographic assets. The report highlighted the inherent difficulty of this task, given that encryption keys, certificates, and algorithms can be deeply embedded in diverse systems, including applications, file systems, hardware devices, cloud services, and legacy infrastructure, making them exceedingly hard to locate and track.

Building comprehensive cryptographic inventories presents several challenges. Compiled applications, especially third-party software, can hide encryption deep within their code. Uncovering these requires deep subject matter expertise, particularly in large, complex infrastructures. Many systems also operate outside direct enterprise control, creating additional visibility problems. Furthermore, existing vulnerability and threat management tools are not typically designed for cryptographic inventory purposes. The dynamic nature of IT environments, with constant deployments, updates, and reconfigurations, adds another layer of complexity. Automation tools, while helpful, can have blind spots, leading to a false sense of security. Finally, the inventories themselves contain highly sensitive information, necessitating robust security measures for their protection.

Bridging the Readiness Gap and Future Outlook

Despite the acknowledged importance of post-quantum cryptography, a significant gap persists between strategic intent and concrete action within many organizations. IBM’s survey indicated that while 73% of organizations have a quantum-safe strategy, only a mere 19% have established near-term goals. This disparity often stems from organizational apathy and competing priorities.

Thales’ Canavan notes that building for the future is consistently a challenge for organizations. Many tend to postpone addressing quantum threats, viewing them as a distant problem overshadowed by more immediate concerns on their desks. Cybersecurity teams are frequently overwhelmed with urgent, current threats, leading to quantum readiness being perceived as a lower-priority initiative.

Gaining executive sponsorship is crucial for successful PQC adoption. Without it, funding for these initiatives often falters, forcing teams to divert resources from other critical areas or focus only on the most vulnerable parts of their infrastructure. Another significant hurdle is the current lack of binding regulations. While government agencies are issuing timelines and roadmaps, direct financial penalties for non-compliance with PQC standards are largely absent, unlike with regulations such as PCI. Canavan anticipates this will change within the next year, with regulatory bodies likely to introduce more stringent mandates.

Some industry professionals remain unconvinced about the immediate urgency of quantum threats. Quantum computing has been “10 to 20 years away” for decades, fostering a sense of skepticism. A recent ICASA survey of over 2,600 security and privacy professionals found that only 5% consider PQC a high business priority for the near future. The pervasive belief among executives, as revealed by IBM’s survey, is that vendors will handle the PQC transition, with 62% sharing this view. While vendors will play a significant role, organizations handling highly sensitive data, such as large financial institutions, will undoubtedly need to adopt a “trust but verify” approach. HSBC, for example, has actively engaged its vendor community within its cryptographic center of excellence to verify all scenarios.

Despite these challenges, there are tangible signs of progress. Cloudflare reported in October that over half of human-initiated traffic on its network now utilizes post-quantum encryption, marking a significant milestone. It is also important to remember that symmetric encryption, commonly used for data storage, is already quantum-safe, as it relies on a different cryptographic paradigm. The primary vulnerability lies with asymmetric encryption, which underpins public communications, online purchases, and banking transactions.

The widespread availability of TLS 1.3 offers a critical advantage, as it is already equipped for PQC. CyberArk’s Bocek highlights its capability for post-quantum safe key exchange, which currently offers the best defense against “harvest-now, decrypt-later” attacks on networks. Furthermore, upcoming changes to certificate lifecycles, with Microsoft, Google, and Apple enforcing shorter validity periods starting next year, present an opportunity. Modernizing TLS certificate management for PQC today will also prepare organizations for these stricter lifecycle requirements, providing an immediate business case for investment in PQC, which has historically been difficult to justify.

As organizations begin to allocate resources, Forrester predicts that quantum security spending will exceed 5% of overall IT security budgets next year. Chris Hickman, CSO at Keyfactor, a digital trust vendor, observes a significant shift in mindset. “Leaders increasingly understand that the quantum threat is not a distant possibility but a foreseeable event,” Hickman states. He adds that discussions have moved “from awareness to action,” focusing on gaining visibility into cryptographic assets and preparing for the PQC transition. The fundamental question is no longer “Will quantum computing be a threat?” but rather, “How do we prepare our systems, data, and governance now to stay secure in a post-quantum world?” This evolving perspective is crucial for navigating the complex landscape of quantum security.

A comprehensive cryptographic inventory should encompass several key elements. This includes operational cryptography, covering all on-premises and cloud-based encryption such as key exchange, message authentication codes, cryptographic keys, tokens, and both private and public keys used for TLS and client authentication, along with certificates, root certificate authorities, and trust stores. Software cryptography, embedded within internally developed applications and leveraging cryptographic libraries, also needs to be identified. Network cryptography, vital for communications via protocols like SSH, TLS, and IPsec, is another critical area. Additionally, managed cryptography, including hardware security modules, key management systems, and certificate lifecycle management tools, must be accounted for. Finally, hardware cryptography, used to secure IoT devices, edge devices, embedded trust modules, cryptographic chips, and industrial controllers, forms an integral part of the inventory.