Nearly two-thirds of organizations now view quantum computing as the most critical cybersecurity threat in the next 3–5 years, according to a new report by the Capgemini Research Institute. Titled “Future Encrypted: Why Post-Quantum Cryptography Tops the New Cybersecurity Agenda,” the study warns of an accelerating risk environment, where current encryption standards may soon be rendered obsolete by quantum advances.
The report highlights growing fears around “harvest-now, decrypt-later” attacks—a tactic where threat actors capture encrypted data now with the intent to decrypt it when powerful quantum computers emerge. Around 65% of organizations express concern over this threat, with six in ten early adopters predicting the so-called “Q-day” will arrive within 5–10 years. Q-day refers to the hypothetical point at which quantum computers can break modern encryption algorithms.
“Quantum readiness isn’t about setting a date—it’s about mitigating irreversible risk,” said Marco Pereira, Global Head of Cybersecurity, Cloud Infrastructure Services at Capgemini. “Any encrypted data stored today could be compromised in the future unless organizations act now. Quantum safety should be seen not as a discretionary spend, but as a strategic imperative.”
Readiness Gap Persists Despite Rising Awareness
While awareness is rising, the report reveals that around 30% of organizations remain unprepared. These organizations cite lack of budget and skilled personnel as major barriers to implementing quantum-safe strategies. This lag in preparation could expose sensitive data to future breaches and non-compliance with emerging regulations.
Industries such as defense, banking, and telecom are taking the lead in quantum readiness. By contrast, consumer-facing sectors like retail and consumer goods remain sluggish, despite facing equally high data risks. Early adopters—defined in the study as organizations either implementing or planning quantum-safe measures within five years—make up 70% of the surveyed group.
Post-Quantum Cryptography Emerges as Preferred Strategy
To counter the quantum threat, organizations are turning to post-quantum cryptography (PQC). About 70% of respondents favor PQC as the most viable and immediate solution. It offers a comprehensive defense by deploying cryptographic algorithms that are resistant to both classical and quantum attacks.
Close to half of early adopters are already piloting, assessing, or planning the feasibility of PQC-based systems. Regulatory mandates are a key driver in this transition for 70% of the organizations surveyed, as global governments prepare for the quantum era with stricter compliance requirements.
The report is based on a global survey of 1,000 companies across 13 industries and geographies.