Site search
Preparing for the post-quantum era of security
Preparing for the post-quantum era of security

Quantum computing is closer than you think

A game changer for cybersecurity

Historically residing somewhere between theoretical physics and science fiction, quantum computing now appears not only possible, but likely to have significant implications, particularly for the field of cybersecurity. 

The threat is considered sufficiently real and imminent that regulators and agencies are calling it out, with Reserve Bank Governor Michele Bullock recently warning banks of the 'big threat' to data security that emerging quantum technology poses.1

This guide gives general counsels, senior management and boards the insights they need to act now. Inside, you’ll find:

  • when quantum computing is expected to become commercially viable
  • why current encryption standards won’t survive the quantum era
  • practical steps to build quantum resilience before the threat materialises
  • the key questions boards should be asking today.

Organisations that fail to prepare could face regulatory exposure, operational disruption and reputational damage. Don’t wait for the threat to materialise—read our guide and prepare today.

Key takeaways

Quantum disruption is imminent

Quantum computers with practical application and scale could be available in the near term (by 2030 or potentially even earlier). While this creates exciting opportunities to make new discoveries and solve problems beyond the capability of current computing technologies, it also poses an imminent risks to the security of cryptographic protocols widely used to encrypt and secure data. Learn more.

Action cannot wait

The Australian Signals Directorate (the ASD) recommends organisations begin risk assessments and develop transition plans now to ensure quantum resilience by 2030. Learn more.

Regulatory expectations are rising

Existing regulatory frameworks will require organisations, particularly large financial institutions, to uplift their cybersecurity compliance activities to manage quantum-enabled risks. Learn more.

Companies with cyber insurance should closely monitor developments in post-quantum cryptography (PQC).

Cyber insurers may soon expect policyholders to take appropriate steps to mitigate risks associated with quantum attacks, including implementing approved PQC algorithms as they become available, or risk voiding their policies. Learn more.

Seven questions for boards to be asking

  1. What is our organisation's exposure to quantum computing threats?
  2. Do we have a quantum risk assessment and transition roadmap in place?
  3. What is our timeline and budget for implementing quantum-resistant solutions?
  4. How are we monitoring developments in quantum computing, post-quantum cryptography standards and regulatory regimes and expectations?
  5. What is our strategy for protecting long-lived sensitive data?
  6. What are the financial and operational implications of our quantum transition plan?
  7. How are we addressing quantum risk in our supply chain and third-party relationships?

Footnotes

  1. See Michele Bullock: RBA governor warns banks about quantum computing data threat, Australian Financial Review, 24 October 2025.  

  2. Quantum Technology Monitor 2025, McKinsey, 23 June 2025.