Quantum computing tops cybersecurity concerns, Capgemini study reveals

One major concern is “harvest-now, decrypt-later” attacks—where encrypted data is stolen for future quantum decryption—with 65% of organizations alarmed and 60% of early adopters expecting Q-day within five to ten years

A new global study by the Capgemini Research Institute reveals that nearly two-thirds of organizations now identify quantum computing as the most critical cybersecurity threat they face within the next three to five years. The report, titled “Future Encrypted: Why Post-Quantum Cryptography Tops the New Cybersecurity Agenda,” highlights growing concerns that advances in quantum computing will soon render current encryption methods obsolete.

One of the biggest fears cited in the report is the rise of “harvest-now, decrypt-later” attacks, where cybercriminals intercept and store encrypted data today with the intention of decrypting it once quantum technology becomes powerful enough. Around 65% of organizations surveyed expressed worry over this tactic. Additionally, 60% of early adopters—organizations actively preparing for quantum threats—predict that “Q-day,” the point at which quantum computers can break existing encryption, will occur within the next five to ten years.

Marco Pereira, Global Head of Cybersecurity at Capgemini, stressed the urgency of preparing now: “Quantum readiness isn’t about predicting an exact date, it’s about mitigating irreversible risk. Any encrypted data stored today could be compromised in the future unless organizations act proactively.”

Many firms still unprepared

Despite growing awareness, the study found a significant readiness gap. About 30% of companies remain unprepared, primarily due to budget limitations and a shortage of skilled personnel. While sectors such as defence, banking, and telecommunications are leading the charge in adopting quantum-safe technologies, consumer-focused industries like retail and consumer goods lag behind—even though they face comparable data security risks.

Post-quantum cryptography (PQC) is emerging as the preferred solution, with 70% of respondents identifying it as the most effective approach to safeguarding data against both classical and quantum attacks. Nearly half of early adopters are already piloting or evaluating PQC technologies, often driven by increasing regulatory pressures aimed at securing sensitive information in the quantum era.

The report draws on a survey of 1,000 companies from 13 industries across multiple global regions, underscoring the urgent need for businesses worldwide to bolster their cybersecurity strategies in preparation for the quantum computing revolution.