Why It’s Time to Act on Quantum-Safe Encryption

24 September 2025 - 4 Minute Read

Almost everything we do on a computer relies on cryptography. It’s the invisible force protecting your emails, your medical records, your bank transactions - even the systems running your city’s power grid.

Modern cryptography is so effective that when security breaches occur, it’s rarely because someone has cracked the encryption itself. Most often, it's human error: someone reuses a password, clicks a phishing link, or leaves an unsecured back door open.

Today’s public-key cryptography, such as 2048-bit RSA encryption, is like a near-impenetrable vault. But that vault has an expiry date...

Quantum Computers Will Break Today’s Encryption

Quantum computing is advancing fast. Unlike classical computers, which process bits as 0s or 1s, quantum machines use qubits, unlocking entirely new ways of solving problems. One of those problems is prime factorisation, which underpins most current encryption methods.

In 1994, Peter Shor developed an algorithm that could, in theory, break RSA encryption on a quantum computer. At the time, such machines didn’t exist. Now, they do, and they’re improving at pace.

We don’t know exactly when a quantum computer will be able to crack a 2048-bit key, but some credible estimates offer a stark warning:

  • NIST (National Institute of Standards and Technology) suggests the first quantum-enabled breaches could occur as early as 2030.
  • Quantum expert Dr Michele Mosca puts the chances of a critical breach by 2031 at 50%, and notes there’s already a 1 in 7 chance by 2026.

Even more concerning, some attackers are harvesting encrypted data today, planning to decrypt it later when quantum computing catches up. This “harvest now, decrypt later” strategy puts sensitive, long-life data at risk now.

What Is Quantum-Safe Encryption?

Quantum-safe (also known as post-quantum) encryption refers to cryptographic algorithms designed to withstand both classical and quantum attacks. These systems replace the mathematical problems that are easy for quantum machines to solve with ones that are hard for both classical and quantum computers.

In 2022, after a six-year international process, NIST announced the first set of quantum-safe standards. Notably, IBM played a major role in developing several of the selected algorithms, including:

  • ML-KEM (formerly CRYSTALS-Kyber) – for key establishment
  • ML-DSA (formerly CRYSTALS-Dilithium) – for digital signatures
  • SLH-DSA (based on SPHINCS+) – an alternative digital signature scheme
  • FN-DSA (FALCON) – selected for future standardisation

Unlike today’s encryption methods, many of which rely on factoring large numbers, these new algorithms are based on lattice problems, which are far more resistant to quantum attacks.

Why You Need to Act Now

Upgrading cryptography across an organisation is a significant undertaking. Many core systems, particularly in industries like financial services, healthcare, and government, use encryption schemes that have remained unchanged for decades.

The shift to quantum-safe cryptography isn’t about swapping out a few certificates. It involves:

  1. Discovery – identifying where cryptography is used across your systems
  2. Assessment – evaluating the risk and impact of legacy encryption
  3. Migration – transitioning to new, quantum-safe standards while maintaining interoperability

Most organisations lack full visibility of their cryptographic estate, making it difficult to know where the vulnerabilities are or how to prioritise fixes. That’s a problem, not just from a security perspective, but from a governance and compliance standpoint.

The window to prepare is short. If you’re holding data that needs to remain secure for 5, 10, or 20 years, it must be encrypted with quantum-safe methods now. Otherwise, it should be considered already compromised.

Ready to Begin Your Quantum-Safe Journey?

The good news: quantum-safe cryptography exists and is already being deployed in enterprise systems.

The bad news: the transition won’t happen by accident.

At Baby Blue IT Consulting, we can help organisations assess their cryptographic landscape, build crypto-agility, and plan a safe and efficient transition to post-quantum security. If your business handles sensitive data, now is the time to act.

Contact us today to find out how we can help you prepare for the quantum future-securely.

About the Author

Chris Smith

Chris Smith is a sales leader and consultant with over 30 years of experience in IT managed services. With a background in IBM hardware maintenance, he transitioned from field engineer to sales and marketing director, creating the foundations for Blue Chip Cloud, which became the largest IBM Power Cloud globally at the time. Chris played a key role in the 2021 sale of Blue Chip and grew managed services revenue by 50%. He’s passionate about building customer relationships and has implemented Gap Selling by Keenan to drive sales performance. Now, Chris helps managed service providers and third-party maintenance businesses with growth planning and operational improvement.

LinkedIn

Suggested Articles

image for Don’t Leave IBM i Security to Chance: Why Independent Security Audits Are Critical

18 January 2025

Don’t Leave IBM i Security to Chance: Why Independent Security Audits Are Critical

image for Are Your IBM Power Systems a Compliance Time Bomb?

14 February 2025

Are Your IBM Power Systems a Compliance Time Bomb?

image for 3 Ways to Keep IBM i & IBM AIX Operating Systems Supported - Forever

14 September 2025

3 Ways to Keep IBM i & IBM AIX Operating Systems Supported - Forever

image for Is Your IBM i Stuck in the Past?

27 February 2025

Is Your IBM i Stuck in the Past?

image for Is it Time to Wind Back(up) to Tape?

23 May 2025

Is it Time to Wind Back(up) to Tape?

How can we help your business?

Contact Us to see how our services align with your needs and projects.

Baby Blue logoIBM Silver Partner

Website Design by Thomas Price