Quantum-safe security: Preparing enterprises for the next threat

As far back as 1784, the world of locks, doors, and windows was fascinated by Joseph Bramah. Yes, the man who designed the unbreakable lock (that stood its bragging rights for many, many years). He used a round lock mechanism operated by a tubular key, claiming such complexity and security that he displayed it in his shop window and challenged people with a reward of 200 guineas to anyone who could open it.

In 1787, Joseph Bramah’s lock patent was granted, requiring 479,001,600 keys to open it under all its variations. It is stated that since 1963, the current mechanism has had 524,288 differences under all its variations. Such was the reputation and complexity of this lock that many tried and failed, till the big attempt in 1851, at the Great Exhibition in London, where AC Hobbs, an American locksmith, spent 52 hours spread over 16 days and claimed the prize.

The ‘key’ here was not just the complexity of the lock but the sheer number of keys and variations that untangling it required. If Hobbs had quantum tools handy back then, he might have solved these complex variations in the blink of an eye. Quantum computing outperforms classical computing in terms of scale, speed, and precision, with a significant margin. But what does that mean for networks, security and enterprise strategies?

Quantum Risks Reshaping Enterprise Security

Traditional encryption methods that were once considered secure are now increasingly vulnerable to the computational power of quantum systems utilised by cyber attackers, warns Vaibhav Dutta, AVP and Global Head, Cybersecurity Products and Services, Tata Communications. “This prompts the need for a strategic shift towards post-quantum cryptography and Quantum Key Distribution (QKD), which are gaining global momentum.”

Quantum computers harness quantum physics to perform operations exponentially faster than the most powerful conventional supercomputers, affirms Prashant Ramesh Malkani, Head of Network Infrastructure, Nokia India. “While this promises significant advancements for many industries, it also poses substantial threats to data integrity, confidentiality and authenticity.”

Quantum computing has the potential to undermine contemporary cryptographic techniques that support virtually all online transactions, digital signatures, websites, utilities, medical data, and other essential services, according to RV Raghu, ISACA Ambassador India and director of the ISACA Foundation. “The risk of ‘harvest now, decrypt later’, when thieves accumulate encrypted data for subsequent decryption via quantum capabilities, is a significant concern, as noted by 51% of respondents in India in our 2025 poll.”

Companies have begun to give serious focus to this new challenge in their development and security efforts. Malkani cites how Nokia’s Quantum-Safe Networks (QSN) are based on a proven defence-in-depth approach, creating an agile and resilient quantum-safe connectivity infrastructure. “Our approach to quantum-safe networking includes Cryptographic keys, which are high-quality keys based on either classic or quantum physics to ensure integrity and protection against attacks. We also use crypto-agility, the ability to adapt to evolving cryptography methodologies and threats, creating a QSN that is both agile and resilient. We have successfully demonstrated Quantum-safe networks to our prospective customers at our QSN lab with key focus around Classic Key Distribution Network and QKD Network use-cases.”

Pankaj Kitchlu, Systems Engineering Director for India and SAARC at Juniper Networks, illustrates how the company addresses this challenge through enterprise-grade quantum-safe innovations, including crypto-agile VPNs, hybrid encryption in SRX firewalls and MX routers, and active contributions to global post-quantum cryptography standards.

“At Tata Communications, we are already assessing readiness through quantum threat testing and pivoting to quantum-resistant algorithms,” points out Dutta.

A lot of effort is underway and looks quite compelling. But financial pragmatism and regulatory rigour will play a big role in the development and adoption of quantum edge. Dr Lawrence A Gordon, EY Alumni Professor of Managerial Accounting and Information Assurance at the Robert H. Smith School of Business, University of Maryland, advises considering this area from a cost-benefit perspective.

“My impression is that it would not be cost-effective for most organisations to adopt quantum security at this time. Organisations that handle highly sensitive data and are subject to significant regulatory requirements, such as certain government agencies and contractors, as well as healthcare and financial services companies, are the most likely to benefit from quantum security. With some creative adaptation, the Gordon-Loeb Model could be used to assess whether, and how much, to invest in quantum security.”

India’s Rise in Quantum-Safe Innovation

As this space opens up and etches solid contours, India is making sure it knows which doors to open and in time. The country is making decisive strides in this field, surmises Dutta. “This is happening through its National Quantum Mission, which is already piloting metro and satellite QKD networks, with successful demonstrations by DRDO and academic partners achieving secure quantum communication over free space.”

In Malkani’s reckoning, India is actively positioning itself as a key player in global quantum security initiatives, particularly in the domain of quantum communication and secure networks. “While the country is still in the building phase, its recent policies, missions, and strategic investments signal a serious national-level push.”

Kitchlu also opines that the Government of India is setting the stage to become a serious player in secure quantum communications through its National Quantum Mission, and early pilots in quantum key distribution.

From successful QKD trials and domestic product development to strategic public-private partnerships and hardware investments, India is making major advancements in quantum networking and cybersecurity, according to Zubair Chowgale, Sales Engineering Manager, APMEA, Securonix.

However, all that can be too little and too late if we do not pull up our sleeves quickly and effectively.

Let us turn to ISACA’s 2025 Quantum Computing Pulse Poll here. This poll indicated that 92% of organisations in India do not possess a quantum computing strategy, and 38% have yet to initiate preparations for quantum computing, points out Raghu, who is also the director of Versatilist Consulting India. “It is profoundly alarming that 53% of technology and cybersecurity professionals in India anticipate that quantum computing may soon undermine the current encryption standards, before the complete implementation of new post-quantum cryptography algorithms by browsers and websites, hence, creating a security vulnerability.”

We must take some challenges seriously, as Chowgale adds. Like ensuring that Post-Quantum Cryptography (PQC) is widely adopted, protecting critical infrastructure operational deployments, and protecting against threats from within, increasing India’s level of technical maturity in quantum infrastructure.

Building Readiness for the Quantum Era

Industry forecasts project that the global Quantum communication market is expected to grow at a CAGR of 23–25% through 2035. Dutta also believes that the future of cyber defence lies in readiness, achieved by developing quantum-aware strategies, embedding quantum-resistant encryption, and building secure digital fabrics that can withstand tomorrow’s technologies.

The problem is that a lot of us might assume we have enough time to cross that bridge when it comes.

Malkani rightfully highlights the concern in the industry that, since quantum computers do not exist, why should one worry about this? “We at Nokia believe that while a Cryptographically Relevant Quantum Computer (CRQC) may not exist yet, investment and technological evolution continue at an accelerating pace, with experts predicting that a CRQC will be available within the next 5–15 years. Therefore, it is crucial to act now to mitigate future risks.”

Kitchlu echoes that fear. “The core cybersecurity challenge persists: how do we secure today’s infrastructure against tomorrow’s quantum-powered threats? The ‘harvest-now, decrypt-later’ risk is real and growing.”

Interestingly, it would take a good grasp of Quantum Expertise to combat the security threats that Quantum poses ahead. Do we not remember Harry Houdini, the renowned escape artist, also known as the "Handcuff King"? He, too, apprenticed as a locksmith. And at quite a young age. The time to begin the quantum apprenticeship for enterprises, hence, is now.