The rise of quantum computing is prompting significant concern among business leaders, yet a striking 90% of executives lack a security plan to address potential quantum threats. Research from Bain & Company reveals that despite the imminent risks of quantum-enabled attacks, many organizations are ill-prepared to protect their data from breaches that could compromise previously secure encryption.
Survey findings indicate that 71% of executives believe quantum-enabled attacks could emerge within the next five years, with one-third predicting these threats may arise even sooner, within three years. In a blog post, Bain cautioned that it could take businesses up to five years just to identify and implement the necessary quantum-resistant solutions.
“Organizations that are heavy with legacy infrastructure may be particularly vulnerable, and more attractive targets for attackers,” the post emphasizes. The challenges include the complexity of upgrading cryptographic systems, aligning with evolving standards, and coordinating efforts across internal departments and external partners.
Understanding the Quantum Risk Landscape
Bain’s report highlights that nearly 65% of business, IT, and cybersecurity leaders recognize the risks posed by quantum computing. This awareness is crucial, as the technology is anticipated to significantly heighten cybersecurity risks. Some companies are proactively addressing these challenges. For instance, Cloudflare has partnered with Google to enhance quantum security measures, focusing on post-quantum cryptography (PQC). Additionally, Viavi Solutions is developing frameworks for implementing quantum-safe security across telecommunications and enterprise networks.
Despite some organizations taking steps to bolster their defenses, Bain urges that preparations should begin immediately rather than waiting three to five years. The consultancy states, “Boards and executives should prioritize and resource the necessary work to guard against this rising threat before it’s too late.”
Industry Insights on Quantum Preparedness
The findings from Bain align with prior analysis from industry groups, including a survey conducted by ISACA in May 2023. This survey, which involved approximately 2,600 global IT and cybersecurity professionals, found that 62% expressed concern regarding quantum computing’s capability to break encryption, while slightly more than half, 57%, acknowledged that it could introduce new business risks.
Despite this awareness, many respondents indicated they remain unprepared. Around 40% reported being unaware of their company’s plans to tackle quantum risks, and 41% stated they had no plans to address these potential threats. Alarmingly, only 5% considered quantum threats a high business priority for the near future, even as a quarter of respondents believe quantum computing will become a reality on an industry-wide scale within the next five years.
“If we don’t move now to start solving issues like re-encrypting our data, switching to new digital signatures, and moving our systems over to new algorithms, we are creating problems that will become increasingly difficult to address,” warned Rob Clyde, past ISACA board chair and chairman of Crypto Quantique, in a blog post.
As the landscape of cybersecurity evolves with the advent of quantum computing, it is clear that businesses must take decisive action to safeguard their data. The clock is ticking, and without immediate steps toward quantum preparedness, many organizations risk falling victim to an emerging wave of sophisticated cyber threats.
