Preparing your organisation for the quantum shift

Quantum computing is reshaping cybersecurity priorities. Leonard McAuliffe outlines how Irish businesses can navigate the risks and rewards of the quantum era before it’s too late

The line between science fiction and reality is narrowing, thanks in large part to how AI has quickly and irrevocably changed the ways in which we work and live.

With recent advancements in quantum computing, that line may soon become a double-edged sword for business leaders concerned about safeguarding their data. And many are worried –  74 percent of organisations now rank cyber-risk remediation as their top priority for 2025, and 66 percent expect to increase their cybersecurity budgets in the same period, according to our 2025 Digital Trust Insights Survey. This dual focus on risk and investment shows that business leaders recognise both the threat and promise of emerging tech while showing acute awareness of how essential it is.

The quantum conundrum

Quantum computers – machines capable of exponential leaps in computational power beyond the “bits” of classical computing – could theoretically break today’s standard encryption methods, putting sensitive business, government and other private personal data at risk.

Yet, quantum also promises greater security, using the same principles to confirm that no one can tamper with or intercept cryptographic keys without being detected.

This is the ‘quantum conundrum’ – a paradox that forces us to balance both quantum’s benefits and risks with a thoughtful and measured approach.

The challenge is deciding how to pivot from existing classical computing systems to ones that can withstand these next-generation capabilities and safeguard sensitive data.

With technology innovation moving faster than ever, there’s little time to waste. Irish businesses should prepare now for data security in a post-quantum world.

What is quantum technology?

Quantum computers work very differently from the classical computers we use today.

Instead of processing information one step at a time, quantum computers can consider multiple possibilities simultaneously, making them incredibly powerful for certain tasks.

Imagine doing a jigsaw puzzle when every piece can be tried in every possible position and orientation simultaneously. This means a quantum computer could potentially solve more complex problems much faster than traditional computers.

Although specialists already know how quantum computers could break current encryption, the technology isn’t powerful enough – yet. But it’s coming.

Last December, Google’s 105-qubit (quantum bit) Willow processor performed a computation in less than five minutes that the world’s most advanced supercomputer would have needed ten septillion (10,000,000,000,000,000,000,000,000) years to achieve.

The status of data security

Quantum opens up exciting possibilities, including faster data analysis, breakthrough research and more efficient supply chains. But it also sparks legitimate concerns.

Many standard cryptographic techniques that protect financial transactions, personal records and trade secrets could be rendered obsolete by a sufficiently advanced quantum machine.

In October 2024, articles emerged claiming “Chinese scientists hack military-grade encryption on a quantum computer”. Spoiler alert: this wasn’t quite the quantum computing apocalypse the first articles made it out to be.

The researchers worked on a trivial problem with a relative of a quantum computer that can’t run the necessary algorithms to break the encryption we rely upon.

While the actual threat was far from substantial and did not pose any immediate danger to current encryption standards, it nevertheless serves as a valuable reminder that quantum’s timeline is unpredictable.

Many specialists predict that quantum computers capable of threatening existing encryption could be less than a decade away. However, because data today can be stored and then decrypted in the future, all that cybercriminals need to do is wait until quantum technology catches up.

The potential for this kind of “store now, decrypt later” attack is driving a worldwide race to develop and standardise post-quantum algorithms complex enough to withstand quantum decryption attempts.

This is compounding business leaders’ wariness of tech-related risks. For example, the survey reveals 67 percent of global security experts say GenAI has increased the attack surface. This threat landscape is expected to become increasingly complex as quantum computing advances.

Preparing for quantum

There are several key things organisations can do to prepare for quantum.

1. Assess your risk profile

The first step on the road to quantum-resistant security is discovery and inventory.

Where is public key cryptography used in your enterprise? Who maintains the software that has encryption and authentication routines?

This is not just about the encryption that secures communication, but also the authentication protocols that secure access to your systems.

Quantum computers could also break protections (e.g. digital signatures) that confirm software is trusted and that documents haven’t been altered.

2. Talk to your vendors and partners

Ask your security vendors, consultants and industry partners about their specific steps towards quantum resistance and keep in mind that this is an industry-wide issue. The external ecosystem, such as cloud and network providers, has skin in the game and should also be addressing this risk.

3. Budget for the quantum transition

You will need to update your software, systems and services to use quantum-resistant algorithms. Budgeting now can prevent future risks and enable a smoother transition, similar to the successful Y2K preparations.

4. Stay informed and educate your team

Encourage your IT and security teams to monitor developments in quantum computing. Share updates across leadership so decisions can be made with the right context in everybody’s mind.

5. Address your crypto agility

Crypto agility is the ability to update your cryptography as standards emerge and evolve. By embracing crypto agility, systems can remain secure and compliant in the face of advancements in both classical and quantum cryptography.

6. Collaborate and communicate

Collaboration between business leaders, policymakers and cybersecurity specialists is key. Regularly communicate the roadmap to stakeholders so there’s clarity and buy-in when it’s time to transition.

Turn the quantum conundrum to your advantage

The interest in developing quantum computers is real. Corporate private data, such as financial information, personal communications, sensitive business records, defence information and intellectual property may be threatened by a capable quantum computer.

More importantly, the keys to critical infrastructure access are also at risk. Recent nation-state intrusions into energy grids, water treatment facilities, and large-scale communications systems have demonstrated that the targets of threats are broad.

As with any monumental technology shift, quantum computing demands foresight, adaptability and collaboration. When we stop thinking of quantum as purely a threat or purely a solution, we can better prioritise investments, start testing post-quantum encryption and stay close to research developments so we’re better prepared for the post-quantum future.

Leonard McAuliffe is Partner of Cybersecurity Practice at PwC Ireland