It’s time for CIOs to think about post-quantum cryptography

With the threat that quantum computers will break current encryption methods “looming on the horizon,” the adoption of post-quantum cryptography is now a critical priority, particularly for those industries that handle sensitive data, a report released Tuesday revealed.The current and future state of quantum are among six trends contained in Info-Tech Research Group’s Tech Trends 2025 report, based on responses from an estimated 1,000 IT decision-makers in the US, Canada, Asia Pacific (APAC), and Europe, who were surveyed between March and July of this year.According to the report, “quantum computing has moved beyond theoretical exploration and is now accessible through cloud platforms, enabling real-world business experiments. As organizations begin leveraging quantum hardware to solve complex problems, industries such as media, government, and financial services are leading the charge in quantum investments.”When it comes to plans to invest in quantum computing and post-quantum cryptography, there were clear similarities among respondents in various sectors. Results showed 33% of organizations in the media, telecom, and technology sectors investing in quantum computing, followed by 27% in the public sector, and 20% in financial services.On the post-quantum cryptography front, 31% of what Info-Tech described as “advanced IT departments” are planning to invest in the technology before the end of next year. That compares to 16% of “average IT departments.”Brian Jackson, principal research director and lead author of the report, said, “preparedness is critical as organizations face increasing risks from ‘Harvest Now, Decrypt Later’ cyberattacks.”In the report, he wrote, “the progress of quantum computing harkens the risks organizations will face as a result of the new computing capabilities it promises. The most urgent among them is that quantum computing will inevitably be able to crack a majority of the encryption methods that we use today.”He pointed out that the US National Institute of Standards and Technology (NIST) “has been working on new quantum-resistant methods of encryption known as post-quantum cryptography since 2016. It published the first set of those standards in the summer of 2024, marking a one-year countdown for US federal agencies to create a plan to migrate their encryption standards as mandated by the US Quantum Computing Cybersecurity Preparedness Act. If other organizations are wise, they won’t be too far behind.”Four more predictions for 2025The other four trends Info-Tech sees as being pervasive next year are:Deepfake Defense: Deepfakes are, the research firm said, becoming a “powerful tool for fraud and misinformation. IT leaders are prioritizing AI-powered detection tools and content authentication methods, such as blockchain, to combat the rising threat of AI-powered cyberattacks and ensure the integrity of their data.”Expert Models: According to the report, “as AI matures, organizations are increasingly developing custom AI models tailored to their specific industries. These expert models improve the accuracy and relevance of AI outputs, enabling businesses to derive exponential value from IT investments.”AI Sovereignty: The reports stated that organizations “are focusing on balancing AI adoption with governance and control to protect sensitive data, reduce costs, and ensure AI performance. By 2026, more companies will run localized AI models to improve cost-effectiveness and maintain control over their AI initiatives.” Upwards of 65% of respondents cited privacy and security concerns being among the top factors influencing AI investment decisions.Lessons for CIOsAccording to Jackson, there are two lessons to draw from the findings for IT leaders looking ahead to 2025. Historically, he wrote, “chief information officers have been accountable for the recordkeeping at their organizations. Like a resident historian, CIOs maintained the integrity of an organization’s past, making it verifiable and auditable. With digital transformation, CIOs were asked to do more to report on the current state of the organization – in as real-time as possible.”“[The business intelligence and analytics] required to drive decision-making couldn’t be based on old information. Now, as firms push their investment into artificial intelligence (AI), and more specifically generative AI, the focus shifts to simulating the future. In a fast-changing and uncertain world, AI predicts different scenarios based on the probability of the outcome. Generative AI provides an output that aims to simulate a human response prompted by an input.”

With the threat that quantum computers will break current encryption methods “looming on the horizon,” the adoption of post-quantum cryptography is now a critical priority, particularly for those industries that handle sensitive data, a report released Tuesday revealed. The current and future state of quantum are among six trends contained in Info-Tech Research Group’s report, based on responses from an estimated 1,000 IT decision-makers in the US, Canada, Asia Pacific (APAC), and Europe, who were surveyed between March and July of this year. According to the report, “quantum computing has moved beyond theoretical exploration and is now accessible through cloud platforms, enabling real-world business experiments.

As organizations begin leveraging quantum hardware to solve complex problems, industries such as media, government, and financial services are leading the charge in quantum investments.” When it comes to plans to invest in quantum computing and post-quantum cryptography, there were clear similarities among respondents in various sectors. Results showed 33% of organizations in the media, telecom, and technology sectors investing in quantum computing, followed by 27% in the public sector, and 20% in financial services.

On the post-quantum cryptography front, 31% of what Info-Tech described as “advanced IT departments” are planning to invest in the technology before the end of next year. That compares to 16% of “average IT departments.” Brian Jackson, principal research director and lead author of the report, said, “preparedness is critical as organizations face increasing risks from ‘Harvest Now, Decrypt Later’ cyberattacks.

” In the report, he wrote, “the progress of quantum computing harkens the risks organizations will face as a result of the new computing capabilities it promises. The most urgent among them is that quantum computing will inevitably be able to crack a majority of the encryption methods that we use today.” He pointed out that the US National Institute of Standards and Technology (NIST) “has been working on new quantum-resistant methods of encryption known as post-quantum cryptography since 2016.

It published the first set of those standards in the summer of 2024, marking a one-year countdown for US federal agencies to create a plan to migrate their encryption standards as mandated by the US Quantum Computing Cybersecurity Preparedness Act. If other organizations are wise, they won’t be too far behind.” Four more predictions for 2025 The other four trends Info-Tech sees as being pervasive next year are: Deepfakes are, the research firm said, becoming a “powerful tool for fraud and misinformation.

IT leaders are prioritizing AI-powered detection tools and content authentication methods, such as blockchain, to combat the rising threat of AI-powered cyberattacks and ensure the integrity of their data.” According to the report, “as AI matures, organizations are increasingly developing custom AI models tailored to their specific industries. These expert models improve the accuracy and relevance of AI outputs, enabling businesses to derive exponential value from IT investments.

” The reports stated that organizations “are focusing on balancing AI adoption with governance and control to protect sensitive data, reduce costs, and ensure AI performance. By 2026, more companies will run localized AI models to improve cost-effectiveness and maintain control over their AI initiatives.” Upwards of 65% of respondents cited privacy and security concerns being among the top factors influencing AI investment decisions.

Lessons for CIOs According to Jackson, there are two lessons to draw from the findings for IT leaders looking ahead to 2025. Historically, he wrote, “chief information officers have been accountable for the recordkeeping at their organizations. Like a resident historian, CIOs maintained the integrity of an organization’s past, making it verifiable and auditable.

With digital transformation, CIOs were asked to do more to report on the current state of the organization – in as real-time as possible.” “[The business intelligence and analytics] required to drive decision-making couldn’t be based on old information. Now, as firms push their investment into artificial intelligence (AI), and more specifically generative AI, the focus shifts to simulating the future.

In a fast-changing and uncertain world, AI predicts different scenarios based on the probability of the outcome. Generative AI provides an output that aims to simulate a human response prompted by an input.”.