The impact of AI on IT security is currently dominating nearly every business discussion – and rightly so. AI is having a profound impact on both cyber defense and cyber threats. Now, another threat is emerging that is at least as – or more – disruptive as AI. And this new threat is becoming more acute than previously expected.
A Quantum Leap
Quantum computing offers the opportunity to significantly enhance – but also undermine – cybersecurity capabilities in several key areas. One of the most notable advantages of quantum computers is their ability to solve complex mathematical problems much faster than classical computers. This has serious implications for cryptographic systems, as many widely used encryption algorithms rely on the difficulty of factorizing large numbers or solving discrete logarithm problems.
Quantum computers could solve these problems quickly and efficiently, making many current encryption methods vulnerable. This puts the data security of many companies at risk. It affects all companies, organizations, public administrations and critical infrastructures - and especially companies whose assets are based on data: banks and insurance companies.
Action Must Be Taken More Quickly
Until now, it could be assumed that there was still a relatively long time to prepare for post-quantum encryption, i.e., data encryption that is resistant to attacks based on quantum computing. However, advances in research and development and, in particular, the strategies of cyber criminals are increasing the time pressure on this topic.
Only a few quantum computers currently exist, and they are also very complex. With regard to the public key cryptography currently in use (e.g., RSA and ECC), it is currently expected that it can be broken by quantum computers in the 2030s.
However, at the beginning of December 2024, Google presented its Willow quantum chip, which has a particularly low error rate and, above all, represents a significant step toward the commercial use of quantum computing. Quantum computing pioneer IBM also reported major advances at the end of 2024. With the Heron quantum chip in combination with the Qiskit quantum software, IBM has set new standards in performance. This puts IBM on schedule for its roadmap to an error-corrected system.
The harvest-now-decrypt-later strategy used by cyber criminals is already threatening and worrying. This involves stealing data to decrypt it later when the necessary technology is available. Sensitive data must therefore be better protected against unauthorized access now, even if it is assumed to be sufficiently protected by strong encryption.
Advice Is Increasingly in Demand
The threat of quantum computing, which is becoming a reality at an increasingly rapid pace, means there is a great need for advice and guidance. This is particularly true for very vulnerable industries, such as the banks and insurance companies mentioned above. It is expected that, by 2027, more than 80% of banks and insurance companies will have sought advice on post-quantum encryption to be prepared for the disruptive threats posed by quantum technology.
By 2027, more than 80% of banks and insurance companies will have sought advice on post-quantum encryption in order to be prepared for the disruptive threats posed by quantum technology.
-Frank Heuer
The rapid development of the topic is also reflected in the communication of cybersecurity provider companies. In the provider survey for the ISG Cybersecurity Provider Lens benchmark, 13% of products and services providers explicitly mentioned quantum computing in 2023. In 2024, this figure was already 62%.
ISG helps enterprises address the security challenges of quantum computing. Our current vendor comparison ISG Cybersecurity Provider Lens 2025 addresses aspects of quantum computing. The vendor survey has just been launched. The results will be published in the summer of 2025. Find the 2024 study here.
If your company is represented in the Cybersecurity Provider Lens 2024 study and you would like to use the results, please contact us. Please also contact us if you offer cybersecurity products or services in Australia, Brazil, France, Germany, Switzerland, U.K. or the U.S. and have not yet received an invitation to the provider survey. Results are used to help enterprises find cybersecurity providers that offer the cybersecurity products and services they need.
This article is partly based on Frank’s talk at the ISG Provider Lens Leader Ceremony in Frankfurt, Germany in 2024.
About the author
Frank Heuer
Frank Heuer is a Senior Advisor at ISG Germany. His main areas of coverage include the digital workspace, communications, social business & collaboration, cloud computing with a special focus on workspace/unified communications & collaboration as a service, and security.
The focus of his work is on advising ICT providers on strategic and operational marketing and sales issues. Mr. Heuer act as speaker on conferences and in web casts and is a member of the IDG expert network.
