World Quantum Day today is a reminder for leaders to put quantum cyber readiness at the top of their 2025 agendas. As more announcements demonstrate progress towards quantum advantage, and commercial use cases are multiplying – it is imperative that organizations make sure the attendant cybersecurity threat doesn’t overshadow the tremendous potential that quantum computing has.

Cybersecurity resiliency should be at the forefront of every enterprise leader’s mind as the threat landscape continues to evolve. The scale and complexity of attacks continues to grow, and long gone are the days when merely protecting the perimeter was enough. Increasingly, cybersecurity teams have to detect and respond to new and emerging patterns of behavior rapidly, and it continues to be a challenge for organizations to maintain enough cybersecurity talent to keep up.

With quantum computing continuing to ease closer to reality, albeit still several years away, the next era of technology has potential to make this even harder. While quantum computing holds the potential to streamline even the most complex challenges organizations face and output solutions in record time, it can also bring future threats of being able to corrupt today’s encrypted data and trust anchors. While widespread quantum adoption isn't a reality yet, it will likely have a major impact on security teams, changing how organizations safeguard their data and proactively play threat defense. Leaders today should understand the potential threat as well as the promise of quantum computing to be well positioned for the not-so-distant future, as mitigating the threat could take up to a decade based on some estimates.

Improving data hygiene

In Deloitte’s 2025 Tech Trends Report, we talk about why a cryptographically relevant quantum computer (CRQC) may be here in the coming decade, but enterprises’ data might already be at risk because of “harvest now, decrypt later” strategies. Attackers can steal data that is encrypted today with the knowledge that they will be able to decrypt it in the future when quantum computers arrive. A lesser discussed issue is how quantum computing will compromise the mutual authentication mechanisms that establish the bedrock of trust for all digital connections between humans and devices.

To combat the potential threat of having your encrypted data exposed in the future, don’t forget that bad actors can’t decrypt data they don’t have access to! Moving proactively to improve cyber hygiene now can provide better long-term protection. In addition, consider conducting an audit of all the data your organization stores and determining what is necessary and what might be considered a real risk if harvested. Everything from employee data, supplier and vendor data, and financial data should be critically examined for value and securely disposed of if not needed. It will be increasingly important that every organization plays their part in this exercise, since in a global world data isn’t just siloed into one place, it’s shared between several players. And don’t forget to include in your survey, all of the transactional integrity that cryptography is providing throughout your business operations.

Hardening Cryptographic Resilience

Organizations can also improve confidence in their future operations by investing in cryptographic resilience strategies. This means creating a reproducible set of processes, governance, and activities to protect cryptographic systems against various types of attacks and failures. The quantum threat is the most immediate threat, but this strategy also prepares teams for new threats on the horizon too. Security teams shouldn’t have to go through this entire exercise again when a new threat emerges—instead, they should develop the muscles necessary to add or swap out cryptographic capabilities quickly and effectively.

The financial services industry has been an early adopter of cryptographic resilience because of its heavy use of cryptographic systems to secure personal information, transaction details, and financial records. But players in the healthcare, technology, retail, energy, and education industries must also start looking towards these strategies to protect their most valuable assets.

What Comes Next?

Now is the time to prepare for a quantum future.

Quantum computing is still in its infancy, but conversations around enterprise adoption for specific functions are starting to become more regular. Our research shows 52% of organizations are assessing their exposure and developing quantum related risk strategies, while another 30% are taking action to implement solutions to these risks.

Leaders should start by asking themselves a threefold question:

1. Do I have the right talent to implement proactive cyber defense in a post-encryption world?

2. Which departments, people, and workflows have sensitive data that may cause risk if harvested and decrypted?

3. How does cryptography protect the business operational transactions that are at the heart of my business?

Once you’ve identified the most at risk areas, consider making the transition to quantum-secure encryption methods. Large tech companies are already implementing new standards released by the National Institute of Standards and Technology (NIST) in 2024 that should withstand attacks from quantum computers. It will be important that all organizations that store or interact with data make this shift.

Quantum computing is a complex and rapidly evolving space, so consistently dedicating time to explore where it may impact your organization is crucial to long-term success. Enterprises should both prepare for and harden their defenses against quantum computers today in order to reap the benefits without major disruptions and potential risks.