Forget ransomware - most firms think quantum computing is the biggest security risk to come

In fact, many nation-states are likely harvesting encrypted data already, in preparation of that “Q-day” moment - an attack dubbed “harvest now, decrypt later”.

A new report from the Capgemini Research Institute surveyed 1,000 organizations with annual revenue of at least $1 billion across 13 sectors and 13 countries in Asia–Pacific, Europe, and North America, finding the majority of the respondents (around 70%) are referred to as “early adopters” - meaning they’re either working, or planning to work on quantum-safe solutions, within the next five years.

Harvest now, decrypt later

Capgemini’s researchers found that two-thirds (65%) of respondents are already concerned about the rise of “harvest-now-decrypt-later” attacks, with one in six early adopters believing “Q-day” will happen within the next five years.

Even more, around 60%, believe Q-day will happen within a decade from now.

To mitigate the risk, businesses in vital industries should transition to post-quantum protections as soon as possible.

“Transitioning early ensures business continuity, regulatory alignment, and long-term trust,” said Marco Pereira, Global Head of Cybersecurity, Cloud Infrastructure Services at Capgemini.

“Quantum safety is not a discretionary spend but a strategic investment, which can turn a looming risk into a competitive advantage. The organizations that recognize this fact early will best insulate themselves against future cyber-attacks.”

The report also states that most organizations surveyed (70%) are already protecting their systems against emerging quantum threats through a mix of post-quantum cryptographic algorithms.

You might also like

• Prediction: 2025 is the year quantum computing advances from physical qubits to logical qubits
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers