The Quantum Computer Threat on Cybersecurity

"Hi Rebeca! Thank you for the beautiful pictures! They are wonderful. – Love, Grandma."

You might not realize it, but that simple message from your grandmother was protected by encryption. From the texts we send, the online banking that saves us a trip to the branch, to the documents we share with colleagues, encryption is working behind the scenes to keep our information safe.

We don’t usually think about the algorithms guarding these interactions, yet they’re the reason our digital lives can operate with trust. But a new technological leap - quantum computing - is on the horizon, and it has the potential to change everything we know about keeping data secure.

What sectors are at risk?

“Quantum computing? Superposition? We’re just a small firm of accountants. Nobody is coming after us!”

It’s easy to think, “We’re too small for hackers to care about us.” But in today’s world, every business is a potential target.

Picture this:

·       A dentist’s patient records could be used for identity theft.

·        An accountant’s tax files could be sold on the dark web.

·        A law firm’s contracts could be exploited for corporate espionage.

·       Even a florist’s order history could reveal payment details or personal information that clients would never want exposed.

If your business stores, processes, or sends any kind of information - from payroll records to client emails - that data has value to someone. And if it has value, someone, somewhere, is willing to steal it.

What is a quantum computer? 

 A standard computer today uses bits, values of either 0 or 1. Imagine you are navigating through a booby-trapped maze. To get through safely, you must flip a series of switches in the exact right combination. Each switch is either ON (1) or OFF (0). A classical computer works by testing each possible combination, one after another until it finds the correct path.

Quantum computing is a different beast. Instead of using bits, it uses qbits. Thanks to the principle of superposition, a qbit can be 0,1, or both at the same time.  This means a quantum computer doesn’t need to check each path one by one, it can explore many possibilities simultaneously. On certain complex problems like factoring enormous numbers used in encryption, this can shrink computing time from billions of years to potentially hours or even minutes.

Why is it a threat?

One of the most widely used forms of public-key cryptography is RSA. It’s built on the mathematical difficulty of factoring large numbers into their prime factors, something classical computers are extremely slow at doing.

Here’s how it works:

• Two large prime numbers are chosen (hundreds of digits long).

• These primes are multiplied together to create a large composite number called the modulus.

• From this modulus, two keys are generated: Public Key – shared with anyone. Private Key – kept secret.

The public key encrypts data, and only the private key can decrypt it.

For example: if Alice wants to send Bob a secure message, she uses his public key to encrypt it into unreadable ciphertext. Only Bob’s private key can convert it back into readable form. The system is secure because, with classical computing, factoring the modulus into its original primes would take billions of years.

Quantum computing changes the equation. Using algorithms like Shor’s algorithm, a sufficiently powerful quantum computer could factor those massive numbers in days, hours, or even minutes — rendering RSA encryption useless against such an attack. That means the “unbreakable” message containing sensitive information Alice sent could be decrypted almost instantly once quantum capabilities are available.

When will quantum computing threaten current cybersecurity posture?

The threat of quantum computers isn’t just a future concern, it’s already here.

The National Institute of Standards and Technology, or NIST for short, recommends fully transitioning to post-quantum cryptography by 2035, but attackers are not waiting until then. Through a tactic known as Harvest Now Decrypt Later (HNDL) AKA Steal Now Decrypt Later (SNDL), they’re collecting encrypted data today; anything from customer records and intellectual property to sensitive government files and storing it until quantum computers can break current encryptions. Once that capability arrives, years of stolen but unreadable data could be decrypted in hours, instantly exposing information long thought to be secure.

How can we protect against quantum computing?

The good news? We’re not in this fight alone. Across the globe, some of the brightest minds in cybersecurity are working together to help organizations understand where they stand and how to prepare for the quantum era.

As someone who’s been on both sides of the table, leading business strategy and managing security operations, I’ve seen how quickly technology shifts can leave organizations scrambling. That’s why I’m a firm believer in leveraging resources like the Quantum Security Maturity Index (QSMI), developed by Accenture and industry partners. It’s not just a technical checklist, it’s a business-focused health check that helps leaders and IT teams align on how prepared they truly are for quantum threats.

Five pillars to follow

1. Strategy – Build awareness at every level of your organization and educate decision-makers on quantum-related risks.

2. Discovery – Take an honest look at your current cryptographic posture—know where you’re strong, and where you’re exposed.

3. Architecture – Design with crypto agility in mind, so your systems can adapt without expensive rebuilds when new standards arrive.

4. Deployment – Test and validate changes before they hit production, then refine continuously.

5. Operations – Make evolved systems part of daily business processes, not just a one-off project.

It’s not all over — what NIST is saying

While quantum computing poses serious risks, the security community isn’t standing still. NIST has been leading the charge in creating quantum-resistant algorithms. The hope is that these cryptographic methods will be designed to withstand the power of future quantum computers.

In fact, NIST launched a global competition in 2016 to identify and standardize these algorithms. Researchers and cryptographers from around the world submitted their best designs which went through multiple rounds of intense evaluation and testing. Some early front runners were later found to have vulnerabilities and were eliminated, proving just how challenging this problem can be. However, through this process, NIST was able to select a set of strong candidate algorithms that are now in the standardization process.

NIST also highlights the potential of Quantum Key Distribution (QKD), a secure key exchange

method that leverages the principles of quantum mechanics and can alert users to any discrepancies during data transmission. While promising, QKD is not a one-size-fits-all solution and faces practical deployment limitations. For most organizations, quantum-resistant algorithms will remain the primary line of defense.

From my perspective, the key takeaway for business leaders is crypto-agility, the ability to quickly replace cryptographic methods as standards evolve. This flexibility ensures you’re never locked into a vulnerable technology and can pivot as new threats and solutions emerge. As we say in business, times are changing—either you adapt, or you get left behind. Let’s move forward, together.