A significant cybersecurity risk is looming on the horizon and set to disrupt your operations worldwide as soon as 2030 – or even before. That's the warning that industry giants IBM, Thales, Keyfactor and Quantinuum have echoed once again on the launch of the Quantum-Safe 360 Alliance.
Quantum computing is still a nascent technology, but these machines will one day be powerful enough to break our most powerful encryption algorithms. This will have untold repercussions and that's why efforts are underway to build algorithms that can withstand the power of quantum computing. It's not as simple as flicking a switch, however, and your organization must channel plenty of work into getting your existing IT stack into a quantum-safe state.
This new consortium aims to guide organizations on the journey to post-quantum cryptography (PQC), with the companies jointly launching a new whitepaper that outlines the key risks and includes a set of recommendations to follow. This comes as Keyfactor, a Quantum-Safe 360 Alliance member, released findings in July suggesting nearly half of businesses (48%) aren't prepared for the challenges posed by quantum computing.
"The time to start is now," Duncan Jones, head of cybersecurity at Quantinuum (an alliance partner), tells ITPro. "Success requires a comprehensive approach aimed at cryptographic agility — not just upgrading algorithms, but ensuring secure key generation, management, and protection."
What are the Quantum-Safe 360 Alliance's hopes?
The alliance was formed to advocate for a holistic approach to preparing for quantum-safe cryptography, with more businesses gaining awareness but perhaps not the executive support or resources to act. With that in mind, it has brought together companies and experts under one body to focus on the future of cryptography – pooling resources and knowledge together in the process.
With various initiatives already in motion, including Microsoft's own program to get businesses ready for PQC, one might question the need for yet another industry body advocating for industry-wide changes. But this broad partnership is symbolic, if nothing else, and a sign that these entities are deadly serious about the forthcoming threat. The new whitepaper spans various topics, including the challenges organizations face in securing buy-in for PCQ measures, case studies, as well as best practices for implementing quantum-safe infrastructure within the organization.
"This is tangible crisis planning, not theory: governments have set hard deadlines for migration, and the cryptographic community spent years developing quantum-safe algorithms now being deployed," Jones adds. "The challenge is like reinforcing levees before a storm – you need years of preparation before the water rises. And when the crisis comes, we won’t see it immediately, because the first nation-states to break cryptography won’t announce it; they’ll quietly exploit the advantage to read secrets, steal IP, and cause disruption."
Why do we need to be quantum-safe by 2030?
Quantum computers are improving dramatically, even though it might not feel like it, with the technology still a considerable distance from overtaking the most powerful supercomputers. But the time horizon for quantum advantage is shortening each year. Experts say that within the next ten years, and perhaps even before 2030, they'll be powerful enough to be wielded by cyber criminals and rogue nation-states.
The EU Commission Roadmap targets 2030 for European states to transition their systems to PQC, and 2035 for other systems, says Simon Briskman, partner and co-head of technology and data at Fieldfisher. The US National Institute of Standards and Technology (NIST) has also set an official deadline for transitioning away from legacy algorithms by 2030: RSA, ECDSA, EdDSDA, DH and ECDH will be deprecated by 2030 – and entirely disallowed from 2035.
"Given the threat of "harvest now, decrypt later" attacks where encrypted data is acquired and held until quantum computing forced decryption becomes available, getting cracking with critical applications and data ahead of the curve makes total sense," says Briskman. "The EU has in mind critical infrastructure such as that regulated by NIS2, which includes amongst other sectors utilities, finance, government, digital infrastructure and ICT service management."
These harvest now, decrypt later attacks are "absolutely happening now," adds Karl Holmqvist, founder and CEO at Lastwall. This means that today's secrets are already at risk. He also points to recent scientific breakthroughs that, for him, point toward an increasing rate of change and a shortening window in which to act.
"Google’s Willow and the below-threshold error-correction milestone mark real progress; IBM’s roadmap targets fault tolerance by decade’s end. Planning for sooner-than-expected cryptographically relevant quantum computers (CRQCs) is rational risk management, not panic," he explains. "Is it realistic? Yes. If you inventory now, deploy horizontal mitigations early, and fold PQC into normal refresh cycles. Waiting until “later” is what makes it unrealistic."
What should businesses be planning ahead for?
Jones says there will always be unknowns in security, but the right response to this challenge is to strengthen the foundations you know will matter, including provable randomness, crypto-agility and PQC. That won't mean you will be able to predict every threat, but will make your organization a little more adaptable.
To adequately prepare, you must start with facts and not fear, Holmqvist says, adding that you must audit your organization and identify how everything is composed – including building or updating your cryptographic register. You should also go through code, configs, firmware, devices, VPNs, printers, SDKs, and so much more. "You can't swap what you can't see. For a lot of organizations, this isn't easy, which is why starting now is important. Use discovery tooling (e.g., CodeQL-driven pipelines) and record owners and upgrade paths," he advises.
The Lastwall CEO also recommends that businesses use drop-in controls to blanket traffic now using hybrid keys (for example, classical encryption plus ML‑KEM from FIPS 203), classifying what needs to be secret and how long for (in order to align mitigations against these timescales). He also advises IT leaders to look at using existing tools like Apple PQ3 in iMessage, PQXDH in Signal as well as ML-KEM in AWS and Cloudflare, and baking PQC into refresh cycles. Building swapability into libraries, terminators and CI/CD is also a useful step, so that algorithms and parameters can be rotated quickly as standards or attacks evolve.
"Many organizations will face compliance issues if they do not adopt PQC for critical data as the threat of quantum computer decryption grows," explains Briskman. "Don't believe for a moment that you are okay until the law is updated – the law already requires you to adapt to new cyber threats."
For instance, GDPR and NIS2 each require a level of security taking into account the "state of the art" while DORA specifies that financial firms and their IT suppliers should ensure IT assets are protected – alongside governance to ensure measures are reviewed and updated.
"It follows that organizations relying for too long on today's security standards will find themselves in breach of regulatory requirements as those standards become increasingly inadequate."
There are, however, challenges that organizations still face in adjusting to the new reality. There are, for example, mountains of hidden cryptographic debt in many organizations, says Holmqvist, alongside the lack of official support for PQC in supply chains. Cost, complexity and speed all cause challenges too, with Briskman speculating that many organizations will continue to tussle with whether they should prioritize PQC until they really have to, because there will always be greater short-term budgeting priorities for tech spend.
"This is understandable, so long as organizations don't ignore PQC and continue to monitor adoption and practicality; and have confidence that they are managing their information security risk – including harvest now, decrypt later attacks," he says.
Strategic challenges also remain, including getting buy-in from key decision makers and allocating serious funds to tackling the migration to PQC. "Too many teams still treat PQC as a '2030 problem' when it’s a NOW problem," warns Holmqvist.
"ISACA’s latest poll shows 95% of organizations don’t have a quantum roadmap. The practical fix is simple, but in many organizations, is difficult to implement. More people need to be aware of the fact that PQC is a board‑level risk that needs to be addressed today. Hopefully, articles like this can help."
