Read our latest magazine

15 July 2026

Exposed Magazine

Nearly everything you do online is protected by encryption, from banking and messaging to the systems that keep businesses running. A new breed of computer is being built that can pick those locks, and the defence against it is called post-quantum cryptography. A 2025 ISACA survey of more than 2,600 professionals found that 62% expect quantum machines to break current encryption, yet only 5% work somewhere with a plan to respond. That distance between concern and action is where the danger sits. The encouraging news is that the fix already exists and is being rolled out now. Here is what the term means, why 2026 is a turning point, and how organisations across the UK can prepare.

Key Takeaways

  • Post-quantum cryptography uses algorithms designed to resist attacks from both classical and quantum computers.
  • Quantum machines can break the public-key encryption, including RSA, behind most secure connections.
  • Attackers already harvest encrypted data now, planning to decrypt it once quantum hardware matures.
  • NIST published the first quantum-resistant standards in 2024, and browsers already use them.
  • A cryptographic inventory plus crypto-agility are the sensible first steps for any organisation.

Post-Quantum Cryptography, Defined

Post-quantum cryptography is a family of encryption and signature algorithms designed to withstand attacks from quantum computers while running on the classical hardware we already use. It swaps the maths that quantum machines can crack for problems they cannot solve efficiently. For anyone weighing the options, understanding how post-quantum cryptography works has moved from a niche interest to a boardroom concern.

You will also see it described as quantum-resistant or quantum-safe cryptography. All three names point to the same aim: keeping information private long after powerful quantum computers arrive. In other words, it future-proofs the locks before the tools to pick them exist.

Worth knowing: this technology does not need a quantum computer to run. It works on ordinary servers, laptops, and phones, which is precisely why the shift can begin straight away.

Why Today’s Encryption Is at Risk

Modern encryption rests on a few hard math problems. RSA and elliptic curve cryptography stay secure because classical computers cannot factor enormous numbers or solve discrete logarithms quickly. A capable quantum computer, running Shor’s algorithm, could unpick both within hours.

Symmetric encryption copes better. Ciphers such as AES face only Grover’s algorithm, which weakens rather than breaks them, so longer keys restore their strength.

The hard part is scale. The vulnerable algorithms are woven through browsers, payment systems, private networks, and software updates, so replacing them is a multi-year programme rather than a quick fix.

Warning: the threat is not only tomorrow’s hardware. In a harvest now, decrypt later attack, adversaries copy encrypted data today and store it, ready to unlock the moment a capable machine exists. Anything that must stay private for a decade is already exposed.

The table below shows what survives the shift and what does not.

EncryptionRoleWhat quantum does
RSASecures websites and emailBroken by Shor’s algorithm
Elliptic curve (ECC)Signatures and mobile appsBroken by Shor’s algorithm
Diffie-HellmanKey exchangeBroken by Shor’s algorithm
AES-256Encrypts stored dataWeakened, safe with longer keys

Mapping which systems rely on the vulnerable algorithms is the groundwork for keeping business data secure as those standards change.

The New Standards, Explained

After an eight-year public competition that began with 82 submissions from 25 countries, NIST finalised the first three post-quantum standards in August 2024. Most are lattice-based, which means their security rests on the difficulty of finding short vectors inside high-dimensional grids. That math has been studied for decades without a practical break, which is a large reason cryptographers trust it against quantum and classical attacks alike.

A rigorous, years-long contest narrowed dozens of candidates to a trusted few.

The three standards anchor the whole transition.

StandardAlgorithmPurpose
FIPS 203ML-KEM (from CRYSTALS-Kyber)Quantum-safe key exchange and encryption
FIPS 204ML-DSA (from CRYSTALS-Dilithium)Primary digital signatures
FIPS 205SLH-DSA (from SPHINCS+)Backup hash-based signatures

Two ideas make adoption realistic. Hybrid encryption runs a classical algorithm and a quantum-safe one together, so systems stay compatible during the change. Crypto-agility is the freedom to switch algorithms later without rebuilding an application from scratch.

“There is no need to wait for future standards. Go ahead and start using these three.”  Dustin Moody, NIST

If the standards feel abstract, the national standards body offers a plain-language primer that explains the ideas without the heavy maths.

Why 2026 Is the Turning Point

For years, this was a topic for researchers and cryptographers. In 2026 it has become an operational priority, and three shifts explain why. The change is not hype; it reflects concrete milestones that have landed over the past two years.

First, the standards are final and ready to deploy, not drafts. Second, adoption is already widespread, since major browsers negotiate post-quantum keys and popular messaging apps protect chats with them. Third, the timelines have tightened, with research in 2026 suggesting that breaking some encryption may need far fewer quantum resources than once believed. In practical terms, the comfortable buffer that once made this a problem for the 2030s has narrowed sharply.

Britain has set out a clear path. The UK’s cyber authority expects organisations to plan their migration by 2028, upgrade the highest-priority systems by 2031, and finish the job by 2035.

The same guidance warns organisations to assume that sensitive encrypted data is already being harvested today for decryption later.

The UK roadmap turns an abstract threat into concrete dates.

[Video: “What Is Post-Quantum Cryptography?” by IBM: https://www.youtube.com/watch?v=ezynPVSdZVY]

This short explainer breaks down what the standards change and why the timing matters. Whether you run a startup or a large enterprise, securing a hybrid workforce now includes planning for this shift.

How UK Organisations Can Prepare

Preparation begins with visibility. A cryptographic inventory maps every place encryption lives, across websites, private networks, databases, apps, and third-party suppliers. You cannot protect what you have never catalogued.

After that, rank the inventory by how long each dataset must stay confidential. Long-life, high-value records move to the front, since they meet the harvest threat first. For many UK firms that map has never existed, because encryption has been bolted on piecemeal over years by different teams and suppliers. Building that picture first turns a daunting task into a series of manageable steps.

Key stat: a late 2025 industry study found that 81% of security professionals believe their cryptographic tools and hardware are not yet ready for the switch, so most of this groundwork remains undone.

Practical steps worth starting now:

  • Build and maintain a living cryptographic inventory across the whole estate.
  • Classify data by how long it must remain secret, then protect the oldest first.
  • Deploy hybrid encryption so nothing breaks during the transition period.
  • Favour crypto-agile systems for anything new you build or buy.
  • Ask every critical supplier for a clear post-quantum roadmap and timeline.

Good habits carry across. The same discipline behind secure remote access practices and sensible management of your digital assets makes the migration far smoother.

Pro tip: treat the move as an ongoing programme, not a one-off project. Fold it into the security reviews you already run, so progress stays funded and tracked as the standards keep maturing.

Frequently Asked Questions

What does post-quantum cryptography actually mean?

It is encryption built to withstand quantum computers while operating on the machines we use today. The approach replaces vulnerable methods such as RSA with algorithms that quantum hardware cannot crack efficiently.

Is quantum cryptography the same as post-quantum cryptography?

No. The post-quantum kind runs as software on ordinary computers and resists quantum attacks. Quantum cryptography instead uses the physics of particles to secure data, and it needs specialised hardware to work.

Can quantum computers break encryption today?

Not yet. No public quantum computer can crack strong encryption at present. The concern is future hardware combined with data stolen now, which is why firms are urged to prepare well ahead of the threat.

Why has post-quantum cryptography become urgent in 2026?

The standards are complete, adoption is spreading through browsers and apps, and expert timelines have shortened. UK guidance also expects planning to begin now, making 2026 the year preparation shifts from optional to essential.

How long does the migration take?

Plan for years, not months. Encryption runs through apps, networks, and supplier links. UK guidance targets completion by 2035, so an early cryptographic inventory keeps the whole programme manageable.

The Time to Prepare Is Now

The quantum era is no longer a distant headline. The encryption guarding today’s data was never designed to survive it, and the switch will take years to complete across apps, networks, and suppliers. Post-quantum cryptography offers a proven way through, and this year the standards, browsers, and official guidance are finally lined up. Organisations that map their cryptography, protect their longest-lived secrets, and build in the freedom to change algorithms will move through it calmly. Those who wait simply hand attackers a head start.

References

NIST, NIST Releases First 3 Finalized Post-Quantum Encryption Standards, 2024. https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards

NIST, What Is Post-Quantum Cryptography?, 2026. https://www.nist.gov/cybersecurity/what-post-quantum-cryptography

National Cyber Security Centre, Timelines for Migration to Post-Quantum Cryptography, 2025. https://www.ncsc.gov.uk/guidance/pqc-migration-timelines

ISACA, 2025 Quantum Computing Pulse Poll (reported by The Quantum Insider), 2025. https://thequantuminsider.com/2025/04/28/organizational-quantum-readiness-remains-low-poll-finds-only-5-of-organizations-have-a-quantum-computing-roadmap/

Trusted Computing Group, State of PQC Readiness, 2025. https://trustedcomputinggroup.org/91-of-businesses-do-not-have-a-roadmap-in-place-to-protect-against-quantum-threats-finds-new-industry-survey/

Fact Check: All statistics and data points in this article were verified against original sources as of July 6, 2026. Sources are listed in the References section.