Quantum Computing’s Rapid Rise Is a Risk to Cybersecurity and Business Stability – but Organisations Are Unprepared

Industry / Press Release May 6, 2025

London, April 28 2025 -- Quantum computing has revolutionary potential; expected to change life as we know it – and is broadly welcomed by 56% of cyber and IT professionals as creating opportunities for business. That’s according to new research from ISACA, the leading global professional association helping individuals and organisations in their pursuit of digital trust.

However, the research revealed that despite a general sense of optimism about its revolutionary potential – as 44% believe quantum will create revolutionary innovations – IT professionals have clear concerns about quantum computing and the risk it presents. Over two thirds (67%) anticipate that quantum computing could increase or shift cybersecurity risks over the next decade, while 40% feel that it has the potential to disrupt existing business models. Worse still, 67% are worried about it breaking today’s internet encryption before platforms fully implement new post-quantum cryptography.

Chris Dimitriadis, Chief Global Strategy Officer at ISACA, said: “Given recent quantum advancements and breakthroughs, we can expect quantum computing to be present in our day-to-day platforms and processes within the next years. Whilst this will present great opportunities for innovation in several industries, significant cybersecurity risks emerge both in terms of quantum in a silo as well as through the rise of Quantum AI. For instance, cryptography is present in all businesses, industries and sectors, and quantum computing has the potential to break the cryptographic protocols that we use, rendering simple services useless. At the same time, quantum will substantially transform AI by boosting its capabilities, together with the risks associated with it.”

But despite the expected impact of quantum computing, organisations are not making a concerted effort to prepare for it

Although quantum computing is clearly a concern for a large proportion of IT professionals, only 4% said that their organisation has a defined quantum computing strategy.

Moreover, over half (52%) reported that their organisation has not integrated quantum computing into its formal strategy or roadmap and does not currently plan to. A further 40% of cyber and IT professionals report that their organisation has not yet considered implementing post-quantum cryptography.

Quantum skills must be prioritised

As well as lacking a quantum strategy, there is a low level of quantum literacy within businesses. Just 2% strongly agree they have a good understanding of the capabilities of quantum computing, and only 5% have a strong understanding of the new NIST post-quantum cryptography standards, even though NIST has been working on them for more than 10 years.

This literacy gap highlights how organisations are underprepared for the advent of quantum, and that they lack the skills needed to protect the business from emerging threats and adhere to new regulations. European agencies such as ENISA and the EuroHPC Joint Undertaking have emphasised the urgency of preparing for quantum computing, with the European Commission also investing heavily through programmes like the Quantum Flagship and Digital Europe. But this must go further in order to build a skilled workforce ready for the arrival of quantum computing.

Dimitriadis continues: “As a society that relies so heavily on digital systems, it's imperative that we take this seriously.Organisations must make sure that they are already planning about how their operations might look in a post-quantum world, while they keep developing an holistically trained workforce on AI. They simply cannot afford to defer this critical preparation, risking the stability of the global economy itself. We need to build a holistically trained workforce on Quantum (and continue doing this for AI) and then create a plan for transition to the post-quantum era, enabling the safe adoption of these emerging technologies, so we can enjoy the benefits of innovation in a safe manner.”

“Organisations must then prioritise creating, implementing and integrating a quantum strategy that shields them from the impacts of quantum, which is a high risk, yet high reward technology. Being properly prepared will enable them to leverage its power without compromising safety.”