From awareness to execution: Leading the charge in quantum-safe cybersecurity
Published 08 October 2025
Updated 17 October 2025
The implications for cybersecurity in the quantum computing era are profound. As business leaders, the responsibility to safeguard organizational assets against emerging threats falls on your shoulders. The IBM Institute for Business Value’s latest report, “Secure the post-quantum future,” offers critical insights into the state of quantum-safe readiness and the steps necessary to protect your organization.
Quantum computing promises to revolutionize industries, but it also poses significant risks to current encryption methods. Threat actors are already employing “harvest now, decrypt later” tactics, stealing encrypted data today with the intention of decrypting it once quantum capabilities mature. This situation underscores the urgency for organizations to transition to quantum-safe cryptographic protocols.
Think Newsletter
Would your team catch the next zero-day in time?
Join security leaders who rely on the Think Newsletter for curated news on AI, cybersecurity, data and automation. Learn fast from expert tutorials and explainers—delivered directly to your inbox. See the IBM Privacy Statement.
Your subscription will be delivered in English. You will find an unsubscribe link in every newsletter. You can manage your subscriptions or unsubscribe here. Refer to our IBM Privacy Statement for more information.
Despite the heightened awareness, the report reveals a concerning gap between awareness and action. While 73% of organizations report collaboration between business and technology leaders on quantum-safe strategies, only 19% have set near-term maturity goals.
The scarcity of required skills and the fragmented ownership landscape further exacerbate this disparity. Chief Technology Officers (CTOs) are most often cited as owners of quantum-safe initiatives, but effective action demands novel coordination across all organizational functions.
The IBM Quantum-Safe Readiness Index (QSRI) provides a framework for assessing an organization’s progress in quantum-safe initiatives. It evaluates activities across three key areas: discovery, observability and transformation. The average readiness score has increased from 21 in 2023, to 25 in 2025—indicating progress but highlighting the need for accelerated efforts.
A strategic asset in this transition is the business-first cryptographic inventory. Organizations must perform comprehensive assessments to map cryptographic implementations and dependencies. This inventory process is crucial for developing a quantum-safe transformation roadmap. However, fewer than one in three organizations have completed this step. Even fewer apply these insights to broader business transformation initiatives.
IBM’s CIO Office has demonstrated that establishing quantum-resilient cryptographic hygiene does not require massive organizational disruption. By leveraging tools such as IBM Quantum Safe™ Explorer, IBM achieved near-zero manual effort in discovering cryptographic artifacts, generating actionable cryptographic bills of materials (CBOMs) and identifying vulnerabilities.
Investing in quantum-safe capabilities should be reframed not as insurance against future risks but as a capability that delivers business value and transformation benefits. Organizations that outperform on agility, innovation, digital transformation and talent demonstrate greater quantum-safe readiness. Yet, many struggle to justify quantum-safe investments within traditional ROI frameworks.
Preparing now is essential to safeguard the digital backbone of every organization. Your leadership is pivotal in driving quantum-safe initiatives, fostering collaboration across functions and ensuring your organization is prepared for the quantum computing era. For a deeper dive into the findings and recommendations, the full report is available for further exploration.