How to prepare for when quantum computers break encryption

An atom particle with a broken padlock in the middle

Just like Y2K had IT pros sweating in the late ‘90s, the dawn of quantum computing is sparking déjà vu—and a potential encryption apocalypse. As futuristic quantum machines inch closer to mainstream viability, their ability to crack widely used security methods like RSA encryption could leave sensitive data exposed to cyber villains of the future. That’s why experts are urging a “Y2Q” mindset—dusting off the Y2K playbook to prepare for quantum threats before it’s too late. From algorithmic overhauls to vendor conversations and chilly qubits, it’s time for organizations to study up, gear up, and quantum-proof their digital defenses.

Fill out the form on the right to learn more about:

  • ❄️ Quantum 101: How quantum computers function using qubits to process data in radically new ways, unlocking powerful possibilities.
  • 🔐 Encryption on the Brink: How quantum computing threatens to break traditional encryption like RSA, making sensitive data vulnerable to future decryption.
  • 📉 Low Awareness, High Risk: Why most organizations are not yet preparing for quantum risks, despite forecasts that quantum threats could crack encryption within a decade.
  • 🛠️ Get quantum-ready: What ISACA and cybersecurity leaders advise for companies to prepare for quantum computing.
ByBilly Hurley

5 min read

Not to ruin the party like it’s 1999, but there’s a looming Y2K-like technology threat that IT pros need to prepare for before it’s too late: quantum computing.

The promise of quantum computing and its problem-solving prowess also poses a glaring threat to old encryption methods like the RSA algorithm.

With sensitive data potentially unlocked to adversaries, tech pros who spoke with IT Brew advised practitioners to reopen that Y2K playbook and apply familiar preventative steps from that memorable turn of the century: take inventory, apply updates, and test. Quantum preparations, security specialists told IT Brew, include working through a checklist of tool inventory, vendor conversation, and a changeout from old encryption to new.

What is quantum?

Instead of using bits, quantum computers deploy particle-manipulating qubits to quickly store and process data on refrigerated hardware running at temperatures approaching absolute zero. Some possibilities for the high-speed calculators include better sensors and improved simulations for batteries and material science.

The encryption question

In 1994, computer scientist Peter Schor developed an algorithm that factored large numbers quickly. The demonstration revealed risk to the encryption of the time, given that the protection mechanism often relied on multiplying large prime numbers.

In 2001, a quantum computer developed by IBM and Stanford University implemented “Shor’s algorithm” and factored the number 15 on a 7-qubit processor. Since the demonstration, companies like D-Wave, IBM, and Google have built quantum computers.

The risk. As the computing advances, security pros fear that quantum tech can break the encryption guarding enterprise data.

Adversaries already have access to the technology needed to employ “harvest now, decrypt later” attacks, according to a 2024 Global Risk Institute report, “to intercept, copy, and archive encrypted communications for eventual decryption with a quantum computer.”

The response. On August 13, in response to the quantum threat, the National Institute of Standards and Technology announced three post-quantum encryption standards for tech vendors and practitioners to start using.

Will this be on the test?

Preparation for a quantum crypto-breaker has led many IT professionals to assess regulatory implications, update encryption standards, and collaborate with hardware and software vendors. Many, however, aren’t ready for the final exam.

A survey from international professional association ISACA found that 40% of respondents are not aware of their company’s plans, and 41% say they do not plan to address quantum computing at present.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

ISACA released a quantum-preparedness checklist, including:

Part of the readiness assessment can be simply seeing what breaks when a new encryption standard gets added.

In May 2024, Google implemented ML-KEM in its Chrome browser by default for the online-privacy protocol known as TLS 1.3, for example. A system admin can “use a browser with the new algorithms enabled…and see if they can still connect to old firewall interfaces,” Johannes Ullrich, dean of research for the SANS Technology Institute, told us last year.

A recent survey, commissioned by cybersecurity platform provider DigiCert and conducted by Propeller Insights, found that 69% of “cyber leaders” expect quantum threats to break encryption in 5 years, but only 5% have quantum-safe encryption in place. (Respondents included 1,042 senior and C-level cybersecurity managers in the US, UK, and Australia, according to the company.)

What else is there to do?

Quantum prep includes work for the individual IT pro, like updating encryption for data at rest, or provisioning a new certificate for, say, a smart TV that has to authenticate to a network. Other updates require conversations with a vendor.

In addition to ISACA’s recs, Mike Nelson, global VP of digital trust at DigiCert, also advises clients to talk with software vendor partners to understand their timelines for supporting post-quantum cryptography.

“They should be able to communicate with you about their plans for that so that you know when they will be introducing it, so that you can have that coordinated approach,” Nelson told us.

The countdown

Deloitte’s Bill Briggs told us in January 2025 that the prep scenario had a Y2K—or “Y2Q”—feel. The year 2000 fortunately began without too many tech glitches due to forward planning.

Over one-third (34%) of the quantum-computing researchers surveyed by the Global Risk Institute in 2024 estimated that a quantum computer could break a 48-bit RSA encryption within 10 years. There is a quantum countdown; it’s just hard to know when it’s “Q o’clock” exactly.

Nelson sees a more disordered, “messy” situation than Y2K as IT pros get ready for a test with no clear date. Some will ace the exam, he said, and some will try to migrate fast when they absolutely have to.

“There’s going to be things that are going to break, systems that are going to go down, and there will be outages,” he said.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.