Survey Sees Little Post-Quantum Computing Encryption Progress - Security Boulevard

LinkedInFacebookRedditEmailShare Data Security Featured Governance, Risk & Compliance Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight by Michael Vizard on February 10, 2026 A global survey of 4,149 IT and security practitioners finds that while three-quarters (75%) expect a quantum computer will be capable of breaking traditional public key encryption within five years, only 38% at this point in time are preparing to adopt post-quantum cryptography.Conducted by the Ponemon Institute on behalf of Entrust, a provider of a platform for securing identities, the survey also finds that less than a third (32%) are creating an inventory of their cryptographic assets and/or ensuring they are crypto-agile.More than two thirds (68%) said managing cryptographic assets such as keys, certificates and secrets is extremely or very difficult, with 41% citing limited visibility into cryptographic assets as the top barrier to PQC readiness.Greg Wetmore, vice president of product development at Entrust, said given how long it has previously taken to migrate away from legacy encryption technologies it’s clear many organizations are already falling behind. Assuming the first quantum computers capable of breaking existing schemes arrive by 2029, organizations now have less than three years, or approximately 800 working days, to migrate.As such, it’s already apparent organizations will need to start prioritizing specific migration projects based on the sensitivity of the data at risk, added Wetmore. In some cases, that may mean replacing legacy applications and IT systems, but even then there will still be a lot of applications containing sensitive data that should be migrated before more advanced quantum computers come online, noted Wetmore.Of course, it may already be too late to protect existing data. It’s suspected that nation states are already stealing massive amounts of encrypted data that they expect to be able to one day decrypt. While much of that data may not be especially valuable in three years, more than half of survey respondents said a cyberattack involving quantum computers would have a serious impact on their organization or industry. Well over half (59%) said such an attack could expose long-term sensitive data such as health records and trade secrets, while 58% acknowledged they could lose access to critical infrastructure.The biggest challenge is, naturally, convincing business leaders that have multiple projects and initiatives to fund using limited budgets to allocate resources to PQC when it is now perceived to be a near and present danger. Despite warnings from Google and advisories from the National Institute of Standards and Technology (NIST), massive amounts of funding are instead being allocated to, for example, artificial intelligence (AI) tools and platforms that are generating more potentially sensitive data than ever.Some savvy cybersecurity teams have, however, been able to attach encryption upgrades to AI projects to protect that data, while others are embedding the cost of upgrading encryption within a zero-trust IT initiative, said Wetmore.Regardless of how these projects are funded, the one thing that is certain is that the day when quantum computers can break encryption schemes, also known as Q-Day, is not likely to be formally announced. Instead, it will just be assumed that, based on the amount of quantum computing capabilities that any one nation can access, that day has arrived with little to no fanfare.Recent Articles By Author Survey: Widespread Adoption of AI Hasn’t Yet Reduced Cybersecurity Burnout Versa SASE Platform Now Prevents Sensitive Data From Being Shared With AI Orchid Security Adds Ability to Audit Behaviors by Identity More from Michael Vizard TwitterLinkedInFacebookRedditEmailShare TwitterLinkedInFacebookRedditEmailShare February 10, 2026February 12, 2026 Michael Vizard cryptography, Cybersecurity, encryption, Q-Day, quantum computing, zero trust