Quantum Cybersecurity in 2025: Post-Quantum Cryptography Drives Awareness

Quantum computing is set to enter a new era of capability in 2025, but that means it poses a growing risk to current encryption protocols necessitating the adoption of post-quantum cryptography (PQC).

However, quantum technology can also offer improved security through advancements in quantum networking, quantum key distribution (QKD) and quantum random number generation (QRNG).

Enter Quantum has collected cybersecurity predictions from quantum computing providers and adopters, looking into how they expect the industry to change in the new year, what technologies are set to emerge and how businesses can adapt to meet the changing landscape.

Here are some of the major trends anticipated for 2025, including the migration to PQC, QKD, QRNG and the need for crypto-agility.

Quantinuum head of cybersecurity Duncan Jones  

“There are still significant hurdles before we reach the day when quantum computers are able to break classical encryption. According to the majority of scientists and academics, we are still about five to 10 years away from such an event. Gartner’s latest prediction is that advances in quantum computing will make most conventional asymmetric cryptography unsafe to use far sooner, by 2029.

While there is no set formula for assessing the risk and timing of the quantum threat, organizations can rely on progress in the following three areas as indicators: hardware progression, error correction and algorithm development. For instance, Quantinuum accelerated its roadmap for fully fault-tolerant quantum computing to 2030.

Related:Cybersecurity in 2025: Hybrid Strategies, Deepfakes and Crypto-Agility

Given where we stand today, the need to complete migration to PQC to effectively protect sensitive data needs to be prioritized, as technological developments could necessitate such quantum secure solutions sooner than 2035.

In 2024, there was a groundswell of reports detailing concern over the potential impacts of a post-quantum cyberattack on U.S. financial systems. One focused on the Federal Reserve and its Fedwire network that facilitates bank-to-bank transactions. The report by the Hudson Institute suggested that a hack executed by a powerful quantum computer in the future on macroeconomic financial institutions could render an indirect GDP loss between $2 trillion and $3.3 trillion. Another Hudson Institute report estimated that the overall cost of a major hack and devaluation of Bitcoin alone would equal $3 trillion in direct and indirect losses.

The quantum industry will likely see continued incremental advances in 2025, including hardware improvements in error correction and qubit scaling, expanded practical adoption of quantum key distribution and quantum random number generation (QRNG). There will also be ongoing research into quantum algorithms to break cryptography, though claims of dramatic breakthroughs should be treated with appropriate skepticism. 

Related:Enter Quantum’s Top 10 Most Read Stories of 2024

Organizations implementing quantum-safe strategies today should focus on PQC migration while ensuring their cryptographic foundations are as strong as possible through the use of QRNG. This approach provides immediate security benefits while preparing for future quantum-safe technologies.”

Florian Neukart, chief product officer, Terra Quantum  

“The increasing urgency to address cybersecurity challenges will drive the adoption of quantum-safe cryptographic solutions like QKD and post-quantum algorithms in 2025. Advancements in quantum networking, particularly quantum key distribution for securing critical infrastructure, will also accelerate.

At Terra Quantum we are scaling our cryptography solutions, leveraging our leadership in QKD and post-quantum cryptography to secure next-gen communications.

The increasing urgency to address cybersecurity challenges will drive the adoption of quantum-safe cryptographic solutions like QKD and post-quantum algorithms and is one of the factors that will drive industry growth in the coming year.” 

Michele Mosca, founder, EvolutionQ

“Organizations will rapidly adopt post-quantum cryptography, balancing security needs with compliance challenges.

The cybersecurity landscape is shifting dramatically, with enterprises recognizing the critical need to transition to quantum-resistant encryption. This migration represents a proactive approach to mitigating potential quantum computing threats, though implementing these solutions will require careful strategic planning.

Emerging threats drive demand for cryptographic diversity and agile defense strategies. Recent research, particularly from Chinese cybersecurity experts, underscores the complexity of modern cyber threats. Organizations must develop multi-layered, adaptable cryptographic approaches that can quickly respond to evolving technological risks.

Quantum threats will become a top agenda item for enterprise boards, with cryptographic resilience as a key business requirement. Chief information security officers (CISOs) are facing unprecedented pressure to demonstrate quantum readiness. As cloud and SaaS dependencies grow, understanding and mitigating quantum risks has become a critical leadership responsibility.

Nation-state cyberattacks and global instability will drive demand for stronger cryptographic systems and region-specific standards. Increasing geopolitical tensions are directly influencing cybersecurity strategies. Nations are developing region-specific cryptographic standards, recognizing that technological sovereignty is now as crucial as traditional defensive measures.”

Ben Packman, chief security officer, PQShield

“In 2025, enterprises will start deploying post-quantum cryptography at scale, moving out of the discovery phase at the start of their adoption roadmaps.

After NIST’s PQC standards were finalized in the summer of 2024, the conversation around PQC became more definite and adopting PQC became about compliance. For most businesses, the first phase of compliance was cryptographic discovery, in which they identified where their most critical data with the longest half-life lay and understood their vulnerabilities and their vendors’ as well. 

Now, most enterprises are entering 2025 with a greater understanding of what the transition to PQC means and how they can manage their assets to enter the “deployment” phase. At the same time, the pathway to compliance will become clearer as industry bodies align on a standard method for achieving “hybrid” protection, between PQC and traditional cryptography (PQ/T). As a result, enterprises will find it easier to stay one step ahead of the attackers and modernize their cryptography.”

Todd Moore, vice president, of data security products, Thales

“Earlier this year, NIST released its first sets of post-quantum encryption algorithms. Before these standards were released, many enterprises needed help grasping the need for PQC. NIST's standards have brought urgency to address the impact of quantum advancements and the need to address these threats.

Even though the TLS and SSH protocols have been updated to meet NIST's new standards, NIST is already working on its next set of algorithms, meaning that the algorithms implemented today will be different by the time the threat of quantum computing arrives. This points to the importance of crypto agility in adapting to these evolving security recommendations.

While TLS and SSH protocols are being updated to meet NIST's standards, enterprises will need to embrace crypto-agility in 2025. The biggest barrier will be ensuring they have the time and resources to identify their exposure, take inventory of their assets and employ crypto discovery. This will manifest in a steady rise of crypto centers of excellence among major enterprises. Enterprises must place agility at the center of their quantum readiness, ensuring crypto-agile solutions are leveraged to keep pace with emerging quantum-resistant cryptography.”