Encryption & Key Management
                                                    ,
                                                            Security Operations
                                                    ,
                                                            Video
                                                    
                    Gartner’s Bart Willemsen on Need to Adopt Post-Quantum Cryptography
                
Asymmetric cryptography methods, such as the Rivest-Shamir-Adleman algorithm and elliptic curve cryptography, which have protected organizations for three decades, may now face new quantum computing threats from nation-state adversaries who could soon dismantle these defenses.
See Also: Corelight’s Brian Dye on NDR’s Role in Defeating Ransomware
With adversaries executing “harvest now, decrypt later” attacks, the immediate threat underscores the need for enterprises to act now and transition to post-quantum cryptography, or PQC algorithms, to safeguard their data and maintain security.
“Harvest now, decrypt later means if it’s currently encrypted, they just store it. They see quantum come the same way we do, but they are probably a little bit more serious so that by the time they can decrypt this, there’s a third wave, and this is going to hurt,” said Bart Willemsen, vice president analyst at Gartner. “You may be too late to prevent what is coming, so complacency [to adopting PQC algorithms] cannot be an excuse.”
In this video interview with Information Security Media Group, Willemsen also discussed:
- Current enterprise adoption rates and implementation challenges associated with post-quantum cryptography solutions;
- Strategic approaches nation-states use beyond harvest now, decrypt later attacks;
- Evolving regulatory frameworks guiding post-quantum cryptography implementation across industries.
Willemsen focuses on privacy-related challenges in an international context, as well as on ethics, digital society and the intersection with modern technology including AI. He is a privacy and data protection advocate with accreditations such as CIPP/E, CIPM, CISA and CISM. Willemsen was among the earlier Fellows of Information Privacy.

