As the industry marks World Quantum Day, cybersecurity experts are offering differing perspectives on how urgently organizations should prepare for the risks posed by quantum computing, particularly its potential to break modern encryption. The debate reflects a broader shift in how enterprises are evaluating long-term data protection strategies. While some leaders argue that quantum computing is already influencing business and security decisions, others believe organizations should prioritize more immediate threats, such as AI-driven cyberattacks, before committing significant resources to quantum readiness.

Robin Macfarlane, President and CEO of RRMac Associates, warned that many organizations are underestimating how far quantum computing has already progressed. He pointed to its growing use across industries, including financial services, artificial intelligence, and data analysis, by companies such as IBM, Microsoft, and Google.

Macfarlane emphasized that quantum advancements are not just theoretical but are already shaping enterprise systems and infrastructure. He highlighted initiatives such as IBM’s quantum-safe features in its z16 mainframe as evidence that organizations are beginning to adapt to emerging risks. From this perspective, the threat of “harvest now, decrypt later” attacks where adversaries collect encrypted data today with the intent to decrypt it in the future represents a pressing concern, particularly for sectors with long data retention requirements such as banking and government. Macfarlane urged organizations to act proactively by auditing encryption systems, investing in training, and preparing to adopt post-quantum cryptographic frameworks.

In contrast, Jon Abbott, CEO and co-founder of ThreatAware, advocates a more measured approach. He argues that while quantum computing is an important future risk, organizations should not divert attention from more immediate and active threats, particularly the rapid evolution of AI-powered malware.

Abbott noted that although the National Institute of Standards and Technology published post-quantum cryptography standards in 2024, there is still uncertainty around how future quantum systems will evolve. He recommends that organizations begin by building an inventory of their current encryption use, focusing first on critical systems and external-facing infrastructure rather than attempting a full-scale migration.

Ad Banner

His approach emphasizes prioritization and practicality, suggesting that resources should be directed toward systems with the longest operational lifespan while allowing less critical or soon-to-be-replaced systems to remain unchanged for now.

The differing viewpoints highlight an emerging divide in cybersecurity strategy. One group of experts is pushing for early adoption of quantum-safe technologies, particularly in high-value and long-lived systems. Another group is advocating for a phased approach, focusing on current threats while gradually preparing for future quantum risks.

Despite these differences, both sides agree on a key issue: many organizations still lack visibility into their encryption landscape. Without a clear understanding of where and how cryptography is used, enterprises risk falling behind as regulatory requirements and industry standards evolve.

As quantum computing continues to develop, organizations are being forced to balance immediate cybersecurity priorities with long-term resilience planning. While AI-driven threats dominate today’s risk landscape, the potential impact of quantum computing on encryption is increasingly shaping strategic discussions. The consensus emerging across the industry is that preparation should begin now at least at the level of awareness, inventory, and planning even if full-scale adoption of post-quantum security measures remains a longer-term objective.

Recommended Cyber Technology News:

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com  



🔒 Login or Register to continue reading