DigiCert reveals latest report on quantum computing threats

DigiCert has released findings from a new survey that revealed a significant gap between enterprise awareness of quantum computing threats and actual preparedness.

Findings

According to the company’s research, it shows that while 69% of organisations recognise the risk quantum computing poses to current encryption standards, only 5% have implemented quantum-safe encryption and 46.4% report that substantial portions of their encrypted data could be compromised.

The company states that the findings highlight a critical inflection point: Enterprises know the quantum clock is ticking, yet few have taken meaningful steps to secure their digital future.

DigiCert highlighted that with encryption underpinning everything from online banking and medical records to smart homes and cloud services, ensuring its strength and resilience is fundamental for protecting sensitive data.

“The ultimate goal”

Kevin Hilscher, Senior Director of Product Management, DigiCert commented: “The quantum era presents both a significant risk and a transformative opportunity as we reach an inflection point for enterprise security.

“Organisations should already be into the early phases of their quantum readiness plan – starting with asset discovery and risk assessment, with the ultimate goal of crypto-agility.”

Hilscher continued: “The groundwork being laid today will determine which organisations are positioned to maintain trust and resilience when quantum computing becomes a reality.

“DigiCert is supporting this journey with quantum-safe PKI solutions and frameworks that help enterprises manage complexity and take action with confidence.”

Preparedness

Despite a majority (69%) of organisations believing quantum computers will break current encryption within five years, preparedness remains low with only 38% feeling “very prepared” for quantum threats, while 19.2% claim they are “extremely prepared.” 

The company says that this gap highlights a clear disconnect as enterprises recognise the threat but are slow to act due to perceived complexity, uncertainty and believe that quantum computing is still a long way off. 

“A wake-up call”

Dr. Jim Goodman, CTO, Crypto4A stated: “The fact that only 5% of organisations have implemented quantum-safe encryption, despite widespread awareness of the threat, should be a wake-up call.

“Migrating to post-quantum cryptography isn’t just a software patch—it’s a foundational shift that requires full visibility into your cryptographic environment, upgrades to hardware, migration to quantum-safe roots of trust and cross-functional coordination.”

Goodman concluded: “Those already underway are ahead of the curve and better equipped to handle what’s next.”

Steps for quantum-safe security posture

Based on the findings, DigiCert stated that it recommends four steps for organisations to transition to a quantum-safe security posture:

1. Inventory cryptographic assets
2. Prioritise replacing encryption algorithms for crypto that needs to be trusted for a long time
3. Explore and test the ways an organisation incorporates post-quantum cryptography (PQC) algorithms
4. Become crypto-agile

According to the company, by identifying and managing crypto assets now, organisations can position themselves defensively against the threat of post-quantum cyberattacks and lay the foundation for a secure and trusted digital future.