Quantum-Ready, Not Quantum-Only: A Holistic Approach to Security
Dr. Rani Ditcovski, Quantum Researcher
Expert lecture
About Dr. Rani Ditcovski
Dr. Rani Ditcovski is a quantum communication researcher specialising in quantum key distribution (QKD) systems and post-quantum security. At Triarii Research, he leads the design and testing of QKD and security systems for both laboratory and field applications, with a focus on security protocols. In addition, Dr. Ditcovski conducts research on novel techniques for hardware and system security and physical assurance.
Dr. Ditcovski holds a Ph.D. from Tel Aviv University and has 20 years of experience in laser systems and electro-optics research and development.
Full Article
Quantum-Safe Is Not Security-Safe:
Why Post-Quantum Cryptography Still Needs Cyber Hygiene
In this session, Dr Rani Ditcovski of Triarii Research makes a simple but important point that many security teams still overlook while focusing on the quantum future. Quantum-safe cryptography matters, and it matters now. But if an organisation upgrades its cryptography while leaving phishing, poor access control, weak certificate management and poor implementation untouched, it has not built resilience. It has built an expensive illusion.
That is the core of his warning. Quantum risk is real, but so is quantum tunnel vision.
NIST has already finalised its first post-quantum cryptography standards, including ML-KEM for key establishment and ML-DSA for digital signatures, and is urging organisations to begin transition work now because of the harvest-now, decrypt-later threat. In practical terms, attackers can steal encrypted data today and wait for future quantum capabilities to decrypt it. If that data will still be valuable in years to come, the risk already exists.
The real problem is bigger than the mathematics
It is tempting to see quantum security as a straightforward mathematical upgrade. Replace RSA and elliptic curve cryptography, deploy a few post-quantum algorithms, perhaps add some QKD, and consider the job done. Dr Ditcovski argues that this is the wrong way to think about it.
Security is a systems problem, not simply a mathematics problem.
Shor’s algorithm attracts most attention because, in theory, it threatens widely used public-key systems such as RSA and ECC. Grover’s algorithm is usually presented as less dramatic because it weakens brute-force resistance in symmetric cryptography rather than breaking it outright. NIST’s current guidance still permits AES-128, AES-192 and AES-256, while noting that future guidance will address any necessary symmetric transition. So the issue is not that everything fails tomorrow. It is that public-key migration is urgent, and system design remains critical.
That distinction matters because executives often look for silver bullets, while security teams know that silver bullets rarely exist.
Why QKD does not replace classical security
One of the strongest parts of the talk is the first case study, in which Dr Ditcovski explains how quantum key distribution, particularly BB84-style systems, fits into a broader secure communications stack.
QKD is compelling because it uses quantum mechanics to distribute key material in a way that can reveal eavesdropping. ETSI notes that QKD is designed to share keys privately without relying solely on computational complexity, and its standards work also addresses side channels, active attacks and interoperability. That final point is crucial. Even quantum systems operate within imperfect real-world networks full of interfaces, management layers and human error.
Dr Ditcovski’s practical point is that QKD does not magically encrypt all traffic. It generates, or helps protect, keys. The surrounding system still requires authenticated public channels, operational synchronisation, secure radio or fibre links, and conventional encryption for the data itself. Quantum physics may secure the front door, but the kitchen window still needs locking.
Hardware can still be deceived
The second case study is especially useful for security professionals because it shifts the discussion from elegant theory to operational reality.
An entangled-photon source in a QKD system may reduce trust assumptions. Yet reduced trust is not the same as a reduced attack surface. Dr Ditcovski describes classical attack paths such as Trojan-horse probing, detector blinding and side-channel leakage from detector backflash. None of these require science fiction. They exploit implementation details, optical components and physical behaviour.
This is the lesson many boards need to absorb. Physics-based security can still be undermined by hardware flaws, poor shielding, weak monitoring or missing filters. That is why ETSI’s QKD work explicitly highlights safe implementation and the mitigation of side channels and active attacks, not merely the elegance of the underlying science.
The countermeasures he outlines are notably unglamorous, which is precisely why they matter: optical isolation, broad filtering, monitoring, validation tests and randomness checks. In cyber security, glamour often comes just before the incident report.
Software can fail even when the algorithm is correct
The third case study may be the most relevant for CISOs because it feels so familiar. A client adopted post-quantum algorithms, compiled them correctly and installed them properly. On paper, everything appeared sound. In practice, the system remained insecure.
Why? Because replacing an old primitive with a new one is not the same as designing a secure protocol.
NIST’s standards make this distinction clear. ML-KEM is a key encapsulation mechanism, while ML-DSA is designed for digital signatures. These perform different functions. Treating a new primitive as a direct replacement for an older handshake pattern can introduce replay risk, freshness failures and broken trust chains. The mathematics may be sound while the engineering is flawed.
Dr Ditcovski’s response is pragmatic rather than ideological. Add explicit confirmation steps. Bind messages correctly. Use layered trust. In critical settings, hybrid approaches may be sensible, combining classical and post-quantum protections so that one failure does not become total compromise.
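The following Python sketch is an added illustration, not code from the talk or from Triarii Research. It models the failure the third case study describes: an initiator with a static KEM key pair treats the new KEM as a drop-in for the old handshake, so a replayed ciphertext decapsulates to the same shared secret, and nothing in the key schedule supplies freshness. The KEM shared secrets are constructed stand-ins (a real deployment would obtain them from ML-KEM and a classical KEM, here combined in one KDF as the hybrid approach suggests); the "drop-in" and "bound" variants differ only in whether the transcript is bound into the key derivation and the explicit confirmation step.

```python
import hashlib
import hmac


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def derive_keys(ss_classical: bytes, ss_pq: bytes, transcript: bytes, bind: bool) -> bytes:
    """Hybrid combiner: both KEM secrets feed one KDF, so a break of one primitive
    alone does not expose the session. With bind=True the transcript hash is the
    salt, so a replayed or substituted message yields different keys."""
    salt = hashlib.sha256(transcript).digest() if bind else b""
    return hkdf_sha256(ss_classical + ss_pq, salt, b"hybrid-kem-demo", 64)


def confirm_tag(keys: bytes, transcript: bytes, bind: bool) -> bytes:
    """Responder's explicit key-confirmation MAC, keyed with the second 32 bytes.
    The drop-in variant MACs only a role label; the bound variant covers the transcript."""
    msg = b"responder" + (hashlib.sha256(transcript).digest() if bind else b"")
    return hmac.new(keys[32:], msg, hashlib.sha256).digest()


def replay_accepted(bind: bool) -> bool:
    """Return True if the initiator wrongly accepts a replayed responder message.
    Constructed scenario: the initiator's KEM key is static, so the observed
    ciphertext decapsulates to the same secrets in a later session."""
    ss_classical, ss_pq = b"\x11" * 32, b"\x22" * 32  # constructed stand-ins for KEM outputs
    hello_i1 = b"nonce-i-0001|pk_i"
    hello_r = b"nonce-r-0001|ct_classical|ct_pq"  # recorded by a passive observer
    t1 = hello_i1 + hello_r
    tag_recorded = confirm_tag(derive_keys(ss_classical, ss_pq, t1, bind), t1, bind)
    # Session 2: fresh initiator nonce, but hello_r and the old tag are replayed.
    hello_i2 = b"nonce-i-0002|pk_i"
    t2 = hello_i2 + hello_r
    expected = confirm_tag(derive_keys(ss_classical, ss_pq, t2, bind), t2, bind)
    return hmac.compare_digest(expected, tag_recorded)


if __name__ == "__main__":
    print("drop-in pattern accepts replay:", replay_accepted(bind=False))  # True
    print("bound pattern accepts replay:  ", replay_accepted(bind=True))   # False
```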
The framework leaders should use
The main business lesson from the presentation is that post-quantum migration should be managed as a resilience programme, not as a cryptographic shopping exercise.
The core principles are clear.
Know your threats.
Inventory the data that must remain confidential for years, identify where vulnerable public-key cryptography is still in use, and map legacy systems that may struggle to support heavier algorithms. NIST’s migration guidance stresses precisely this kind of transition planning because the threat includes long-lived data being harvested now.
Choose the right mix of controls.
Not every asset requires the most advanced quantum control. Some need PQC first. Some may justify QKD. Many need stronger identity and access management, better certificate lifecycle control, stronger network monitoring and tighter segmentation before any quantum technology is introduced.
Implement correctly.
Test protocols, not just primitives. Examine hardware, not just white papers. Validate monitoring, logging, authentication, rollback procedures and incident response.
Train people as part of the system.
The closing discussion makes this plain. An organisation can invest heavily in sophisticated cryptography and still fall victim to a simple phishing email. That is not a peripheral issue. It is central to the system.
What this means for technology and business
For business leaders, the message is both sobering and practical. Quantum preparedness is now part of mainstream cyber strategy, not an experimental side project. But the organisations that succeed will be those that treat it as part of defence-in-depth.
That means security architecture must connect quantum-safe cryptography with certificate management, endpoint trust, hardware assurance, software validation, access control, detection engineering and staff education. Firms that do this well will be safer. They will also avoid wasting money on poorly applied quantum controls.
The most effective response to the quantum era is not panic. It is disciplined integration.
Put simply, there is little value in buying a futuristic vault if the password is left on a sticky note.
Salient points
- Quantum risk is already relevant for data with a long confidentiality lifespan because of harvest-now, decrypt-later threats.
- NIST has published its first PQC standards and recommends beginning transition work now.
- QKD can strengthen secure communications, but only when integrated safely with classical systems and authenticated channels.
- Hardware attacks, side channels and implementation flaws can defeat even sophisticated quantum designs.
- Post-quantum algorithms are not always direct replacements for classical protocols.
- Defence-in-depth remains essential, particularly against phishing, misconfiguration and weak operational governance.
Market classification
Quantum cyber security, post-quantum cryptography, secure communications and critical infrastructure security.
Sub-markets and adjacent domains
QKD, PQC migration services, hardware assurance, secure networking, PKI and certificate management, zero trust, OT and critical infrastructure protection, and cyber risk consulting.
Competitor categories
Quantum security vendors, classical cyber security consultancies, PKI providers, HSM vendors, secure communications vendors, managed security providers, and critical infrastructure security specialists.
Market outlook
The market is moving from awareness to migration planning. Demand is likely to grow first in government, defence, telecoms, finance, healthcare and critical infrastructure, where long-lived sensitive data and regulatory pressure are strongest. NIST standardisation has shifted the conversation from someday to start now.
Demand drivers
- Long-term confidentiality requirements
- Regulatory and national security pressure
- NIST PQC standardisation
- Concern over harvest-now, decrypt-later attacks
- Growth in critical infrastructure cyber risk
- The need to modernise legacy trust architecture
Sources and references
- NIST, Announcing Approval of Three Federal Information Processing Standards for Post-Quantum Cryptography
- NIST, What Is Post-Quantum Cryptography?
- NIST, FIPS 203, ML-KEM
- NIST, FIPS 204, ML-DSA
- NIST, PQC FAQs
- ETSI, Quantum Key Distribution
Organisation
Triarii-Research develops innovative quantum technologies, including a patented solution that optimizes QKD performance, providing a unique competitive edge in efficiency and scalability. Our team offers deep expertise in both Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC), combining advanced research with hands-on deployment to ensure robust protection against both current and emerging quantum threats.
Frequently Asked Questions
- Who is Dr. Rani Ditcovski?
- Dr. Rani Ditcovski is a quantum communication researcher specialising in quantum key distribution (QKD) systems and post-quantum security. At Triarii Research, he leads the design and testing of QKD and security systems for both laboratory and field applications, with a focus on security protocols.
- What is the lecture "Quantum-Ready, Not Quantum-Only: A Holistic Approach to Security"?
- This presentation by Dr. Rani Ditcovski at Quantum Security Defence covers key concepts, challenges, and developments in quantum cyber security, post-quantum cryptography and quantum key distribution.
- What is quantum cyber security?
- Quantum cyber security applies quantum mechanical principles to protect digital communications and data. It covers quantum key distribution, post-quantum cryptography, and quantum-safe network design.
- What is post-quantum cryptography?
- Post-quantum cryptography refers to cryptographic algorithms designed to remain secure against attacks from quantum computers. NIST finalised its first PQC standards in 2024.