Quantum computing is often discussed as a future technology, but its impact on digital security is already shaping how organizations think about protecting data. As companies expand across multiple cloud platforms and rely more on artificial intelligence (AI), keeping systems secure and consistent has become harder.
This complexity makes it difficult for enterprises to follow a Zero Trust approach, which assumes no system or user should be trusted by default.
Quantum computing adds a new layer of concern. The main risk is its potential ability to break today’s encryption, which protects online communications, logins, financial transactions, and personal data.
“Quantum risk refers to the point at which quantum computers become powerful enough to break the encryption that secures nearly all of today’s digital communications,” Anand Oswal, EVP, Palo Alto Networks, said in an email interview with Back End News. “Ongoing advancements in quantum computing technology are accelerating the timeline, with many experts now predicting that this capability will be available within the next few years.”
Encryption is a core part of digital life, even if most people are unaware of it. It protects emails, mobile apps, online banking, and medical records. The concern is not only about future attacks. Oswal said that some attackers are already collecting encrypted data today with the intention of decrypting it later.
For data that remains valuable for many years, such as healthcare records, financial data, and government information, this creates a serious problem. Attackers may not be able to read the data now, but they are storing it until quantum computers are strong enough to unlock it.
Most organizations also struggle with a more basic issue. Many do not have a clear picture of where encryption is being used across their systems. This lack of visibility makes it harder to apply consistent security rules, especially in Zero Trust environments that rely heavily on strong authentication and encrypted connections.
“This threatens encryption standards underpinning Zero Trust’s ‘never trust, always verify’ principle; in particular, public-key cryptography used for authentication and encrypted communications, which is the encryption that protects logins, communications, and device verification,” Oswal said.
At the same time, AI is speeding up the overall threat landscape. Automation allows attackers to find weaknesses faster, while researchers are also using AI to accelerate progress in quantum computing. Together, these trends shorten the time organizations have to prepare.
Despite this, many companies still view quantum risk as a distant concern. Oswal said that waiting is risky because becoming quantum-safe is not a quick process. Every device, application, and infrastructure component that relies on encryption must eventually support new, quantum-resistant standards. Even a delay of a year reduces the time available to assess systems, plan upgrades, and deploy protections.
Palo Alto Networks is seeing its PAN-OS 12.1 Orion platform as a way to help organizations start this process. One feature focuses on identifying where older encryption methods are used across cloud workloads, APIs, and network connections. This inventory helps security teams see which parts of their environment may be vulnerable.
Another feature, called cipher translation, is designed to address a common problem. Many organizations depend on older systems that cannot be easily upgraded to support new encryption standards. Replacing them immediately may be costly or disruptive. The cipher translation approach acts as an intermediary, translating older encryption into quantum-safe encryption and back again. This allows sensitive data to remain protected while legacy systems continue to operate.
A cryptographic risk dashboard is also used to give teams a clearer view of their encryption posture. It shows which systems meet post-quantum cryptography standards and which do not.
“This visibility helps teams prioritize areas that need attention, plan upgrades for applications that can support post-quantum cryptography, and apply protections for systems that can’t be immediately updated,” Oswal said.
Beyond encryption, PAN-OS 12.1 Orion also aims to address visibility issues in complex cloud environments. Its Cloud Network and AI Risk Assessment feature automatically maps workloads, applications, and AI assets across different cloud platforms. This reduces blind spots and limits the need for manual asset tracking.
“By continuously assessing every asset for risks, the platform automatically deploys and scales security controls, including software firewalls and cloud firewalls, exactly where they are needed,” Oswal said. “By automating the discovery and protection of assets, this solution simplifies management, unifies security, and reduces the risk and cost of defending complex, dynamic environments.”
The message is that security needs to be built into digital transformation efforts from the start. As organizations adopt AI to improve efficiency, they must also recognize how these same technologies can accelerate emerging threats, including those related to quantum computing.
“Quantum security readiness is increasingly central to business resilience, as quantum computing has the potential to break the encryption methods that underpin digital trust,” Oswal said. “For organizations holding data with long-term value, the threat is immediate as adversaries are already conducting ‘harvest now, decrypt later’ attacks, capturing encrypted data today to decrypt once quantum computers become available.”
Over the next few years, Oswal said organizations should focus on gaining full visibility into their digital and cryptographic assets, preparing for post-quantum cryptography, and ensuring systems can support new standards without disrupting operations. Segmenting and isolating assets, including those that are not yet quantum-ready, will also be critical.
Quantum computing may still be emerging, but its impact on security planning is already real. For businesses and the people whose data they hold, early preparation could make the difference between staying protected and being exposed when the technology matures.