use. It brings together the views of global experts, whose most optimistic estimates suggest the CRQX
            availability will be between 5 and 30 years.

            In this case, optimistic means there is still some time to set up a quantum-resistant infrastructure, but a
            cautious estimate suggests it can happen within a decade.

            There are two critical aspects you must consider in order to plan for a post-quantum threat world.

            ·        Data Shelf Life

            Take a good, hard look at the data generated by your organization today. Will this data still be relevant
            or valuable for cybercriminals once the first quantum computer arrives in mainstream use? For example,
            banking information of a customer or just renewed credit card details (expiry in the next ten years) will be
            susceptible to quantum threats. This data can be stolen today and decrypted later.


            ·        Existing Processes

            Do you have plans to update or modify your existing hardware and software that manage and control
            data? Also, think about the in-development systems and products that will go live. Many of these might
            become operational when quantum computers are due to arrive on the scene. The fact that these systems
            and software will be updated over the years means they will be at risk of quantum threats.

            Key stakeholders must come together to understand and evaluate the sensitive nature of the data and
            the systems that process, assess, share, and control this data. Figure out the level of susceptibility these
            have to quantum threats and devise a remediation plan accordingly.



            Why Traditional Encryption Won’t Survive

            A  recent  Google  study  reported  that  breaking  2048-bit  RSA  encryption  might  only  take  a  week  of
            computation on a quantum machine with 1 million noisy qubits. A slowly dawning reality is that the shift
            from traditional asymmetric encryption to quantum-resistant encryption must happen now.

            Before quantum computing was on the horizon, asymmetric encryption was considered perfectly safe
            and configured to protect critical data. Existing computing cannot easily factor significantly larger prime
            numbers that underpin this type of encryption. This is a computationally intensive exercise. It is both time
            and cost-prohibitive and therefore non-viable.

            Quantum computing breaks this non-viability barrier.

            The amount of information that quantum computers can store and process is far larger than traditional
            computers. This means their computational capacity is also significantly faster, enabling them to break
            asymmetric encryption easily.

            We are not far from a scenario wherein a cybercriminal with access to a quantum computer running
            Shor’s algorithm, decrypts RSA and ECC encryption, exposing any private key they guard. This will have
            repercussions on the everyday security layers that we take for granted and which are delivering immense
            security value to date. These include SSL/TLS for web sessions, VPN handshakes, PGP and S/MIME




            Cyber Defense eMagazine – September 2025 Edition                                                                                                                                                                                                          39
            Copyright © 2025, Cyber Defense Magazine. All rights reserved worldwide.