Research from Bain & Company reveals that a staggering 90% of executives do not have a security plan in place to address the risks posed by quantum computing. As this transformative technology edges closer to reality, the potential for threat actors to decrypt sensitive data is raising alarm bells across various sectors. Despite 71% of surveyed business leaders believing that quantum-enabled attacks could emerge within five years, many organizations are failing to allocate the necessary resources to combat these imminent threats.
The Bain study indicates that a significant portion of business leaders is aware of the looming dangers. Approximately 65% of IT and cybersecurity professionals recognize the adverse effects quantum computing could have on cybersecurity risks. Yet, despite this awareness, the readiness to act remains minimal. A third of respondents expect quantum threats within just three years, but Bain cautions that identifying and implementing quantum-resistant solutions could take up to five years.
Urgent Need for Preparedness
Bain’s findings highlight a critical gap in preparation. According to the consultancy, organizations heavily reliant on legacy infrastructure may be particularly vulnerable to quantum attacks. The report emphasizes the complexity of transitioning to quantum-safe systems, which involves upgrading cryptographic infrastructure, aligning with evolving standards, and coordinating among internal teams and external partners.
The urgency for businesses to act is underscored by the company’s call to action: “Boards and executives should prioritize and resource the necessary work to guard against this rising threat before it’s too late.” Some companies, such as Cloudflare, are already taking steps to enhance their defenses. The tech firm has collaborated with Google to streamline quantum security measures, focusing on post-quantum cryptography (PQC). Additionally, Viavi Solutions is developing frameworks for deploying quantum-safe security across telecom and enterprise networks.
The Wider Industry Perspective
Bain’s report aligns with earlier analyses regarding the impact of quantum computing on the IT landscape. A survey conducted by the Information Systems Audit and Control Association (ISACA) last May revealed that 62% of approximately 2,600 global IT and cybersecurity professionals expressed concern about quantum computing’s capability to undermine encryption. Alarmingly, over half of the respondents, 57%, acknowledged that quantum technology will introduce new business risks.
Despite recognizing these risks, many professionals reported being unprepared. The ISACA survey found that 40% of respondents were not aware of their company’s plans to address quantum threats, while 41% stated they had no strategies in place to mitigate these potential risks. Only 5% indicated that they would prioritize quantum threats in the near future, even as one quarter predicted that quantum computing would become a reality on an industry-wide scale within the next five years.
Rob Clyde, former ISACA board chair and current chairman of Crypto Quantique, stressed the importance of immediate action: “If we don’t move now to start solving issues like re-encrypting our data, switching to new digital signatures, and moving our systems over to new algorithms, we are creating problems that will become increasingly difficult to address.”
The consensus among industry leaders is clear: preparation for quantum computing threats is not a distant concern but an immediate necessity. As the technology advances, businesses must prioritize the development of robust security plans to safeguard their data and infrastructure against evolving quantum threats.
