Full Report
The impact of the advancement in quantum computing on cybersecurity will be a key focus at this year’s Infosecurity Europe event
Analysis Summary
# Industry News: Quantum Computing Threat Dominates Cybersecurity Agenda at Infosecurity Europe 2025
## Summary
Growing real-world advancements in quantum computing, exemplified by Microsoft’s new chip and demonstrated quantum coherence, are accelerating the urgency around post-quantum cryptography (PQC). Regulatory bodies like NIST and NCSC are pushing mandatory transitions, signaling that the cybersecurity industry must rapidly adopt new quantum-resistant standards to mitigate the "harvest now, decrypt later" threat, heavily impacting sectors like finance.
## Key Details
- Date: Announcements span early 2025 through upcoming event (Infosecurity Europe 2025 starts June 3, 2025).
- Companies Involved: Microsoft, JPMorgan Chase, Quantinuum, Santander, IBM, Cloudflare, HSBC, Vodafone, Akamai, NIST (US), NCSC (UK).
- Category: Industry Awareness/Standardization & Product Implementation Focus
## The Story
The looming threat of quantum computers capable of breaking current encryption (RSA, AES) is shifting from theoretical concern to imminent business risk, highlighted by recent technological milestones. These include Microsoft unveiling its Majorana 1 quantum chip, which promises faster development, and research achieving certified randomness via quantum computers. This progress fuels 'harvest now, decrypt later' attacks where encrypted data is stolen today for future decryption. In response, governments are enforcing timelines: NIST has formalized initial PQC standards, and the UK’s NCSC has set a 2035 deadline for full migration. Major vendors are integrating these standards, with Cloudflare embedding PQC into its zero-trust platform and financial institutions like HSBC trialing quantum-safe transactions. These developments signal a critical migration phase is underway across digital infrastructure.
## Business Impact
### For the Companies Involved
- **Tech Providers (e.g., Microsoft, Cloudflare, Akamai):** This trend positions them as leaders in the PQC transition, driving new product sales and service adoption for network security upgrades and zero-trust architectures.
- **Financial Institutions (e.g., Santander, HSBC):** They face immediate pressure due to highly sensitive data stockpiling risks, driving early strategic investment in PQC trials and deployment to maintain regulatory compliance and data confidentiality.
- **Industry Speakers (e.g., IBM, Quantum Researchers):** Their involvement reinforces their thought leadership and proprietary positioning in the quantum-resistant technology ecosystem.
### For Competitors
- Companies that delay PQC migration risk being seen as technologically lagging and carrying higher latent data breach liabilities. Early movers in implementing NIST-aligned solutions gain a competitive trust advantage, particularly in regulated industries.
### For Customers
- Customers will increasingly see PQC implementations as a mandatory security feature, rather than an optional upgrade. Early adopters of services integrated with PQC (like Cloudflare’s platform) will gain immediate protection against future quantum decryption, while others face an urgent need to budget and plan for system-wide cryptographic rollover.
### For the Market
- The market is transitioning into a large-scale PQC migration cycle, creating significant revenue opportunities for security vendors specializing in cryptographic agility, inventory management, and PQC testing/hardware. It confirms cryptography modernization as a major, multi-year investment theme.
## Technical Implications
The technical shift centers on adopting NIST-standardized algorithms (e.g., lattice-based cryptography for key exchange and signatures) to replace vulnerable public-key infrastructure. Critical technical challenges involve managing hybrid modes (running both classical and PQC algorithms simultaneously during transition) and dealing with potential performance overheads introduced by PQC algorithms in high-throughput environments like telecom networks (Vodafone trials) and web services.
## Strategic Analysis
- Market Positioning: The focus has shifted from *if* PQC is necessary to *how fast* organizations can deploy NIST standards. Companies that master this transition quickly will dominate the emerging PQC product segment.
- Competitive Advantage: Establishing quantum-safe supply chains and offering demonstrable compliance with emerging PQC mandates will become a prerequisite for high-value contracts, especially in government and finance.
- Challenges: The primary challenge is cryptographic agility—identifying, inventorying, and systematically replacing every instance of vulnerable cryptography across complex, legacy infrastructures before the quantum threat materializes (estimated within five years).
## Industry Reactions
- Analyst opinions strongly suggest that the urgency signaled by commercial chip releases and government timelines means the industry pipeline for quantum-secure solutions must expand rapidly.
- Expert commentary emphasizes that the current focus must be on governance and inventory management, as the technical deployment of PQC will be complex and lengthy.
## Future Outlook
- We can expect increased pressure throughout 2025/2026 for enterprise-wide cryptographic asset management tools. Vendor announcements will increasingly detail PQC readiness levels and timelines for specific product suites. Watch for regulatory bodies beyond the US and UK to issue similar mandatory transition guidelines.
## For Security Professionals
Practitioners must immediately prioritize cryptographic inventory assessment. Understanding where RSA/ECC are used, assessing data retention policies aligned with the "harvest now, decrypt later" risk window, and engaging with vendors about their PQC roadmap compliance are now critical tasks. Familiarity with the NIST PQC standards and migration strategies outlined by bodies like the NCSC is essential preparation for implementation cycles beginning shortly.