Today is World Quantum Day. It’s a day to celebrate quantum science, the curious physics of it, the wild possibilities, and the future it’s going to unlock. The medicine, the materials, the optimization problems we’ve been banging our heads against for decades. Quantum is going to change all of it for the better.
But every powerful technology cuts both ways. In the right hands, it drives innovation. In the wrong hands, it drives risk. Quantum is no exception, and the part that keeps me up at night is what it does to the encryption sitting underneath every digital interaction. Every login. Every payment. Every signed software update. Every API call between two machines. All of it relies on cryptography that quantum computers, very soon, will break.
The race between trust and technology
For the last thirty years or so, cryptography has been the dependable workhorse in the back of the stable. Solid. Predictable. Mostly forgotten about. When it started to feel weak, we gave it a longer key length and let it keep trotting. SHA-1 to SHA-2. 1024-bit to 2048-bit. Size up and move on.
Meanwhile, in the lane next to it, technology kept sprinting. Faster, bigger, more capable every year. We told ourselves the workhorse had a comfortable lead. We built our entire model of digital trust on that assumption, even while we preached zero trust at every other layer of the stack.
But the horse race is closing. Fast.
The timeline for when a quantum computer could potentially break standard 2048-bit RSA encryption is compressing far faster than initial industry projections suggested:
- 2012 Estimate: 1 billion physical qubits required.
- 2019 Estimate: 20 million physical qubits.
- Recent Research: Google researchers recently demonstrated that the threshold could be as low as 1 million noisy qubits, with a decryption time of under a week.
And a couple weeks ago, Google moved its internal deadline for being fully migrated to post-quantum cryptography to 2029. That is less than three years away. Years ahead of NIST. A year ahead of the NSA’s own target.
When the company that runs the most-used browser, one of the two dominant mobile operating systems, and a giant slice of the Internet’s infrastructure says its own risk math demands quantum-safe by 2029, that’s not FUD. That’s a signal flare.
What’s actually at stake
I want to be clear about what we’re protecting and why it matters.
The cryptography running underneath the internet is the connective tissue of digital trust. It’s how your bank knows it’s really you. It’s how your car gets a software update without someone slipping malware into it. It’s how a hospital’s medical devices talk to each other without a stranger listening in. It’s how AI agents will authenticate to systems they need to act on. When that fabric tears, the consequences aren’t theoretical. They’re systemic.
And here’s the part most people miss. The bad guys don’t have to wait for a working quantum computer to start hurting you. They’re harvesting encrypted traffic right now, sitting on it, waiting for the day they can decrypt it. Every secret you transmit today with classical crypto has a shelf life that ends the moment a sufficiently capable quantum machine wakes up. We call it “harvest now, decrypt later,” and it’s not a thought experiment. It’s happening as you read this.
There’s a cousin to it too, “trust now, forge later,” where adversaries capture today’s signed traffic and, once quantum breaks the signatures, use it to forge commands into systems that thought they were talking to someone they trusted. That’s impersonation at scale.
The good news? There is some
Here’s where I get to be optimistic, because this is World Quantum Day and the future is genuinely exciting.
We’re not staring down this problem empty-handed. NIST has finalized the first post-quantum standards. NIST has also made crypto-agility official guidance, which tells me the industry has finally accepted what some of us have been shouting about for years: cryptography is not static, and pretending it is static has been a bad bet for a long time.
The organizations getting ahead of this aren’t waiting for a single Q-Day headline. They’re treating their cryptography the same way they treat every other piece of critical infrastructure. They’re inventorying it. They’re governing it. They’re building the muscle to swap algorithms the way you’d patch a server. Not as a fire drill. As a normal Tuesday.
That’s the win condition. Not “we survived quantum.” It’s “we built a trust infrastructure that can adapt to whatever comes next, including the things we haven’t named yet.”
What to do next
As a CTO, I’ve seen how conversations like this often go. It’s easy to recognize the importance of a topic like PQC, but just as easy to deprioritize it in the face of more immediate demands. So let’s make this practical.
You don’t have to solve PQC migration this quarter, but you do need to start. And starting comes down to three things: understanding what cryptography is currently in use across your environment (which is often less clear than expected), building the operational capability to transition algorithms without disrupting the business, and beginning to work with emerging standards now, while the stakes and costs of learning are still relatively low.
That last one is why we built the PQC Lab. It’s a place to learn what post-quantum cryptography actually is, test how it behaves in real systems, and start getting comfortable with the algorithms that are going to underpin the next era of digital trust. It’s free, it’s hands-on, and it’s the easiest first step I can point you to.
We hope to see you in the Lab.
